LHA: stack buffer overflows and directory traversal flaws
| Package(s): | LHA | CVE #(s): | CAN-2004-0234 CAN-2004-0235 | ||||||||||||||||||||||||||||||||
| Created: | April 30, 2004 | Updated: | June 11, 2004 | ||||||||||||||||||||||||||||||||
| Description: | LHA is an archiving and compression utility for LHarc format archives. Ulf
Harnhammar discovered two stack buffer overflows and two directory
traversal flaws in LHA. See this advisory+patch for more details.
CAN-2004-0234: An attacker could exploit the buffer overflows by creating a carefully crafted LHA archive in such a way that arbitrary code would be executed when the archive is tested or extracted by a victim. CAN-2004-0235: An attacker could exploit the directory traversal issues to create files as the victim outside of the expected directory. | ||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||
Posted May 21, 2004 8:55 UTC (Fri)
by gw666 (guest, #12326)
[Link]
you might have noticed that there was no MandrakeSoft advisory for this issue. Lha is available as a unsupported contrib package, but it has been patched in the release 1.14i-10mdk available for Mandrakelinux Cooker and 10.0 Community.
Posted May 27, 2004 11:53 UTC (Thu)
by kreutzm (guest, #4700)
[Link]
A security update for Debian i386 is available, and pending the compilation
on other architectures, an official DSA might come as well, c.f.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=250271.
This is an especially good read for people using non-free (or contrib) software in Debian and the implications for them.
Hi everybody,Mandrake Linux upgrade available
LHA: stack buffer overflows and directory traversal flaws