|发布时间 :2011-02-03 20:00:02|
|修订时间 :2011-07-18 21:19:44|
[原文]Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to "command line processing," a different vulnerability than CVE-2004-0771. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries.
- CVSS (基础分值)
- CWE (弱点类目)
- CPE (受影响的平台与产品)
- OVAL (用于检测的技术细节)
|oval:org.mitre.oval:def:9981||Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working director...|
(UNKNOWN) REDHAT RHSA-2004:440
(UNKNOWN) REDHAT RHSA-2004:323
|2011-02-09 00:00:00||2011-02-10 00:00:00|
|LHA Unspecified Command Line Overflow|
|Local Access Required||Input Manipulation|
|Loss of Confidentiality, Loss of Integrity|
|A local overflow exists in LHA. LHA fails to perform proper bounds checking on command line arguments resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary commands resulting in a loss of confidentiality and/or integrity.|
|Upgrade to version LHA for UNIX Version 1.14i or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.|
|LHA Multiple Code Execution Vulnerabilities|
|Boundary Condition Error||11093|
|2004-09-01 12:00:00||2009-07-12 07:06:00|
|Discovery is credited to Lukasz Wojtow and Thomas Biege.|
|RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 2.1
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
Mr. S.K. LHA 1.14
|LHA is reported prone to multiple vulnerabilities. These issues include multiple local and remote buffer overflow vulnerabilities and a remote command execution vulnerability. Successful exploitation of these issues may allow an attacker to execute arbitrary code and gain unauthorized access to a vulnerable computer.
The following specific issues were reported:
The application is prone to a stack overflow vulnerability when processing a malicious archive.
Multiple local buffer overflow vulnerabilities were reported as well. These issues can be triggered by supplying an excessive string value to the application through the command line.
Additionally, a remote command execution issue affects the application. This issue is triggered when LHA processes a directory with a malformed name.
LHA versions 1.14 and prior are affected by these issues.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org <mailto:email@example.com>.
RedHat has released an advisory (RHSA-2004:323-09) to address these issues. Please see the advisory in Web references for more information.
RedHat has released an advisory (RHSA-2004:440-04) along with fixes to address these issues for RedHat Enterprise Linux operating systems. Please see the referenced advisory for further information.
RedHat Fedora has released advisories FEDORA-2004-294 and FEDORA-2004-295 dealing with these issues for their Core 1 and Core 2 products. Please see the referenced advisories for more information.
Gentoo has released advisory GLSA 200409-13 dealing with these issues. All LHa users should upgrade to the latest stable version with the following commands:
# emerge sync
# emerge -pv ">=app-arch/lha-114i-r4"
# emerge ">=app-arch/lha-114i-r4"
Please see the referenced Gentoo advisory for more information.
The Fedora Legacy project has released advisory FLSA:1833 along with fixes to address this issue in RedHat Linux 7.3. Please see the referenced advisory for further information.
Mr. S.K. LHA 1.14