unace buffer overflow vulnerability

2005-09-22T00:00:00
ID VU:215006
Type cert
Reporter CERT
Modified 2005-10-28T18:05:00

Description

Overview

A buffer overflow in the unace compression library may allow a remote attacker to execute arbitrary code.

Description

The unace compression library is used to decompress ace archives (*.ace file extension). A lack of input validation on filenames in an ace archive may allow a buffer overflow to occur. If an attacker supplies the unace library with a specially crafted compressed ace archive, that attacker may be able to trigger the buffer overflow and, consequently, execute arbitrary code with the privileges of the application linked to unace.
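As an added illustration of the defect class the description names (example code, not unace's or CERT's), the following parser reads a constructed, length-prefixed file-name field and checks the untrusted length against both the bytes actually present and the fixed destination buffer before copying; the header layout, `NAME_BUF_SIZE` and the function names are assumptions for this example.

```c
/* Illustrative example, not unace's code: parse a length-prefixed
 * file-name field of the kind archive headers carry and refuse any
 * name that would not fit the fixed destination buffer. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 64   /* fixed destination buffer (assumed size) */

/* Result codes returned by parse_name_field(). */
enum { NAME_OK = 0, NAME_TRUNCATED_HEADER = -1, NAME_TOO_LONG = -2 };

/*
 * Constructed header layout used for this example (not the ACE format):
 *   2 bytes  little-endian name length  (n)
 *   n bytes  name, not NUL-terminated
 * The length comes straight from the untrusted archive, so it must be
 * checked against both the bytes actually present and the buffer size.
 */
int parse_name_field(const uint8_t *hdr, size_t hdr_len,
                     char *out, size_t out_size)
{
    if (hdr_len < 2)
        return NAME_TRUNCATED_HEADER;
    uint16_t n = (uint16_t)(hdr[0] | (hdr[1] << 8));

    /* Bound 1: the name must actually be present in the header bytes. */
    if ((size_t)n > hdr_len - 2)
        return NAME_TRUNCATED_HEADER;
    /* Bound 2: the name plus its NUL must fit the destination buffer.
     * Omitting this check is the unchecked-copy pattern the advisory
     * describes: an archive-chosen n would write past 'out'. */
    if ((size_t)n >= out_size)
        return NAME_TOO_LONG;

    memcpy(out, hdr + 2, n);
    out[n] = '\0';
    return NAME_OK;
}

/* Build a constructed header in 'buf' whose name is n 'A' bytes.
 * Returns the header length, or 0 if it would not fit 'buf'. */
size_t make_header(uint8_t *buf, size_t buf_size, uint16_t n)
{
    if ((size_t)n + 2 > buf_size)
        return 0;
    buf[0] = (uint8_t)(n & 0xff);
    buf[1] = (uint8_t)(n >> 8);
    memset(buf + 2, 'A', n);
    return (size_t)n + 2;
}

int main(void)
{
    uint8_t hdr[512];
    char name[NAME_BUF_SIZE];
    size_t len = make_header(hdr, sizeof hdr, 300);
    int rc = parse_name_field(hdr, len, name, sizeof name);
    printf("300-byte name: rc=%d (NAME_TOO_LONG is %d)\n", rc, NAME_TOO_LONG);
    len = make_header(hdr, sizeof hdr, 12);
    rc = parse_name_field(hdr, len, name, sizeof name);
    printf("12-byte name: rc=%d name=%s\n", rc, name);
    return 0;
}
```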


Impact

If a remote attacker can convince a user to access a specially crafted ace archive, that attacker may be able to execute arbitrary code. In addition, this vulnerability may prevent security software, such as anti-virus software, from detecting a malicious ace archive.


Solution

Apply patches from your vendor

The unace compression library is freely available and used by many vendors in a wide variety of applications. As a result, any one of these applications may contain this vulnerability. Users are encouraged to contact their vendors to determine if they are vulnerable and what action to take.


Do not accept ace archives from untrusted sources

Exploitation occurs by accessing a specially crafted ace archive. By only accessing ace archives from trusted or known sources, the chances of exploitation are reduced.


Vendor Information

FreeBSD, Inc.

Notified: September 21, 2005 Updated: October 03, 2005

Status

Vulnerable

Vendor Statement

unace is available in the FreeBSD Ports Collection. Please see <http://vuxml.freebsd.org/1d3a2737-7eb7-11d9-acf7-000854d03344.html> for details regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Gentoo Linux

Updated: October 21, 2005

Status

Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see <http://www.gentoo.org/security/en/glsa/glsa-200502-32.xml>


NetBSD

Notified: September 21, 2005 Updated: September 23, 2005

Status

Vulnerable

Vendor Statement

Vulnerable versions of unace were available from NetBSD's pkgsrc 3rd party software system. The affected versions have been marked as vulnerable. Users running the audit-packages tool have already been notified.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

SUSE Linux

Notified: September 21, 2005 Updated: September 26, 2005

Status

Vulnerable

Vendor Statement

We are affected by this problem and have released updates for this issue on the 16th of June 2005.

They are referenced in our Summary Report 2005-16 under this URL: <http://www.novell.com/linux/security/advisories/2005_16_sr.html>

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Apple Computer, Inc.

Notified: September 21, 2005 Updated: October 28, 2005

Status

Not Vulnerable

Vendor Statement

Apple does not ship unace in any products.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Debian Linux

Notified: September 21, 2005 Updated: September 26, 2005

Status

Not Vulnerable

Vendor Statement

Debian has fixed this problem in February already so there are no vulnerable versions left in the archive. It has been fixed in version 1.2b-3.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

F-PROT by FRISK Software International

Notified: September 21, 2005 Updated: September 23, 2005

Status

Not Vulnerable

Vendor Statement

F-Prot Antivirus does not use this library/program to extract the contents of .ACE archives. As far as we can tell from a code review of our own ACE unpacker, F-Prot Antivirus is not vulnerable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Hitachi

Notified: September 21, 2005 Updated: September 22, 2005

Status

Not Vulnerable

Vendor Statement

Hitachi HI-UX/WE2 and Hitachi's middle software products are NOT Vulnerable to this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Mandriva, Inc.

Notified: September 21, 2005 Updated: September 28, 2005

Status

Not Vulnerable

Vendor Statement

Hi, Jeff. No Mandriva product ships with the unace program so Mandriva is not vulnerable to this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Nokia

Notified: September 21, 2005 Updated: September 26, 2005

Status

Not Vulnerable

Vendor Statement

No Nokia Enterprise Solutions products are affected by VU#215006.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Openwall GNU/*/Linux

Notified: September 21, 2005 Updated: September 22, 2005

Status

Not Vulnerable

Vendor Statement

Openwall GNU/*/Linux is not vulnerable. We do not package unace.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Red Hat, Inc.

Notified: September 21, 2005 Updated: September 26, 2005

Status

Not Vulnerable

Vendor Statement

No Red Hat products contain unace.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Aladdin Knowledge Systems

Notified: September 21, 2005 Updated: September 23, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Avast! Antivirus Software

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Check Point Software Technologies

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Command Software Systems

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Computer Associates

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Cray Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

CyberSoft, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

DataFellows

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

EMC, Inc. (formerly Data General Corporation)

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Engarde Secure Linux

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

F-Secure Corporation

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

F5 Networks, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Finjan Software

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Fortinet, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Fujitsu

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

GFI Software, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Hewlett-Packard Company

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

IBM Corporation

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

IBM Corporation (zseries)

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

IBM eServer

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Immunix Communications, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Ingrian Networks, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Juniper Networks, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Mandriva, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

MessageLabs

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Microsoft Corporation

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

MontaVista Software, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

NEC Corporation

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Novell, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

OpenBSD

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Proland Software, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

QNX, Software Systems, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Sequent Computer Systems, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Silicon Graphics, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Sony Corporation

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Sophos, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Sun Microsystems, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Symantec, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

The SCO Group (SCO Linux)

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

The SCO Group (SCO Unix)

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Trendmicro

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Trustix Secure Linux

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Turbolinux

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Unisys

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Wind River Systems, Inc.

Notified: September 21, 2005 Updated: September 21, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | | N/A

References

  • <http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031908.html>
  • <http://lists.suse.com/archive/suse-security-announce/2005-Jun/0006.html>
  • <http://secunia.com/advisories/14359/>
  • <http://securitytracker.com/alerts/2005/Jul/1014544.html>
  • <http://secunia.com/advisories/15776/>
  • <http://secunia.com/advisories/15674/>

Credit

This vulnerability was reported by Ulf Harnhammar.

This document was written by Jeff Gennari.

Other Information

CVE IDs: | CVE-2005-0160
---|---
Severity Metric: | 4.50
Date Public: | 2005-02-22
Date First Published: | 2005-09-22
Date Last Updated: | 2005-10-28 18:05 UTC
Document Revision: | 58