Debian DLA-2725-1 : lrzip - LTS security update

2021-08-02T00:00:00

Description

The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2725 advisory. - The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive. (CVE-2017-8844) - The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive. (CVE-2017-8846) - In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file. (CVE-2017-9928) - In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file. (CVE-2017-9929) - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (CVE-2018-10685) - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation. (CVE-2018-11496) - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. (CVE-2018-5650) - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. (CVE-2018-5747) - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. (CVE-2018-5786) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

{"id": "DEBIAN_DLA-2725.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DLA-2725-1 : lrzip - LTS security update", "description": "The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2725 advisory.\n\n - The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive. (CVE-2017-8844)\n\n - The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive. (CVE-2017-8846)\n\n - In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file. (CVE-2017-9928)\n\n - In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file. (CVE-2017-9929)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (CVE-2018-10685)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation. (CVE-2018-11496)\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. (CVE-2018-5650)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c).\n Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.\n (CVE-2018-5747)\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. (CVE-2018-5786)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-08-02T00:00:00", "modified": "2021-08-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/152170", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5747", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11496", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9928", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5650", "https://security-tracker.debian.org/tracker/CVE-2018-5786", "https://security-tracker.debian.org/tracker/CVE-2018-5747", "https://security-tracker.debian.org/tracker/CVE-2018-5650", "https://security-tracker.debian.org/tracker/CVE-2018-10685", "https://www.debian.org/lts/security/2021/dla-2725", "https://security-tracker.debian.org/tracker/CVE-2017-9928", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8846", "https://security-tracker.debian.org/tracker/CVE-2018-11496", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8844", "https://security-tracker.debian.org/tracker/CVE-2017-8846", "https://security-tracker.debian.org/tracker/source-package/lrzip", "https://security-tracker.debian.org/tracker/CVE-2017-8844", "https://packages.debian.org/source/stretch/lrzip", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5786", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9929", "https://security-tracker.debian.org/tracker/CVE-2017-9929", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10685"], "cvelist": ["CVE-2017-8844", "CVE-2017-8846", "CVE-2017-9928", "CVE-2017-9929", "CVE-2018-5650", "CVE-2018-5747", "CVE-2018-5786", "CVE-2018-10685", "CVE-2018-11496"], "immutableFields": [], "lastseen": "2022-01-30T01:01:57", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-8844", "CVE-2017-8846", "CVE-2017-9928", "CVE-2017-9929", "CVE-2018-10685", "CVE-2018-11496", "CVE-2018-5650", "CVE-2018-5747", "CVE-2018-5786"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2725-1:362E6"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-8844", "DEBIANCVE:CVE-2017-8846", "DEBIANCVE:CVE-2017-9928", "DEBIANCVE:CVE-2017-9929", "DEBIANCVE:CVE-2018-10685", "DEBIANCVE:CVE-2018-11496", "DEBIANCVE:CVE-2018-5650", "DEBIANCVE:CVE-2018-5747", "DEBIANCVE:CVE-2018-5786"]}, {"type": "gentoo", "idList": ["GLSA-202005-01"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-202005-01.NASL", "UBUNTU_USN-5171-1.NASL"]}, {"type": "ubuntu", "idList": ["USN-5171-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-8844", "UB:CVE-2017-8846", "UB:CVE-2017-9928", "UB:CVE-2017-9929", "UB:CVE-2018-10685", "UB:CVE-2018-11496", "UB:CVE-2018-5650", "UB:CVE-2018-5747", "UB:CVE-2018-5786"]}], "rev": 4}, "score": {"value": 5.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2017-8844", "CVE-2017-8846"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2725-1:362E6"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-8844", "DEBIANCVE:CVE-2017-8846", "DEBIANCVE:CVE-2017-9928", "DEBIANCVE:CVE-2017-9929", "DEBIANCVE:CVE-2018-10685", "DEBIANCVE:CVE-2018-11496", "DEBIANCVE:CVE-2018-5650", "DEBIANCVE:CVE-2018-5747", "DEBIANCVE:CVE-2018-5786"]}, {"type": "gentoo", "idList": ["GLSA-202005-01"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-202005-01.NASL"]}, {"type": "ubuntu", "idList": ["USN-5171-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10685", "UB:CVE-2018-11496"]}]}, "exploitation": null, "vulnersScore": 5.5}, "pluginID": "152170", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2725. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152170);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/02\");\n\n script_cve_id(\n \"CVE-2017-8844\",\n \"CVE-2017-8846\",\n \"CVE-2017-9928\",\n \"CVE-2017-9929\",\n \"CVE-2018-5650\",\n \"CVE-2018-5747\",\n \"CVE-2018-5786\",\n \"CVE-2018-10685\",\n \"CVE-2018-11496\"\n );\n\n script_name(english:\"Debian DLA-2725-1 : lrzip - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the\ndla-2725 advisory.\n\n - The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial\n of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact\n via a crafted archive. (CVE-2017-8844)\n\n - The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a\n denial of service (use-after-free and application crash) via a crafted archive. (CVE-2017-8846)\n\n - In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which\n allows attackers to cause a denial of service via a crafted file. (CVE-2017-9928)\n\n - In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which\n allows attackers to cause a denial of service via a crafted file. (CVE-2017-9929)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of\n stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have\n unspecified other impact. (CVE-2018-10685)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because\n decompress_file in lrzip.c lacks certain size validation. (CVE-2018-11496)\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match\n function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via\n a crafted lrz file. (CVE-2018-5650)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c).\n Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.\n (CVE-2018-5747)\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo\n function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a\n crafted lrz file. (CVE-2018-5786)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/lrzip\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2021/dla-2725\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2017-8844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2017-8846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2017-9928\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2017-9929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-10685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-11496\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-5650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-5747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-5786\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/lrzip\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the lrzip packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 0.631-1+deb9u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10685\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lrzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nrelease = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nrelease = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\npkgs = [\n {'release': '9.0', 'prefix': 'lrzip', 'reference': '0.631-1+deb9u1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n release = NULL;\n prefix = NULL;\n reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'lrzip');\n}\n", "naslFamily": "Debian Local Security Checks", "cpe": ["p-cpe:/a:debian:debian_linux:lrzip", "cpe:/o:debian:debian_linux:9.0"], "solution": "Upgrade the lrzip packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 0.631-1+deb9u1.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2018-10685", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-08-01T00:00:00", "vulnerabilityPublicationDate": "2017-05-08T00:00:00", "exploitableWith": [], "_state": {"dependencies": 1646153974}}

{"debian": [{"lastseen": "2022-05-31T21:47:41", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2725-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Markus Koschany\nAugust 01, 2021 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : lrzip\nVersion : 0.631-1+deb9u1\nCVE ID : CVE-2017-8844 CVE-2017-8846 CVE-2017-9928 CVE-2017-9929 \n CVE-2018-5650 CVE-2018-5747 CVE-2018-5786 CVE-2018-10685 \n CVE-2018-11496\n\nSeveral security vulnerabilities have been discovered in lrzip, a compression\nprogram. Heap-based and stack buffer overflows, use-after-free and infinite\nloops would allow attackers to cause a denial of service or possibly other\nunspecified impact via a crafted file.\n\nFor Debian 9 stretch, these problems have been fixed in version\n0.631-1+deb9u1.\n\nWe recommend that you upgrade your lrzip packages.\n\nFor the detailed security status of lrzip please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/lrzip\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-01T21:53:40", "type": "debian", "title": "[SECURITY] [DLA 2725-1] lrzip security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8844", "CVE-2017-8846", "CVE-2017-9928", "CVE-2017-9929", "CVE-2018-10685", "CVE-2018-11496", "CVE-2018-5650", "CVE-2018-5747", "CVE-2018-5786"], "modified": "2021-08-01T21:53:40", "id": "DEBIAN:DLA-2725-1:362E6", "href": "https://lists.debian.org/debian-lts-announce/2021/08/msg00001.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-27T06:10:06", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2981-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Sylvain Beucler\nApril 13, 2022 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : lrzip\nVersion : 0.631-1+deb9u2\nCVE ID : CVE-2018-5786 CVE-2020-25467 CVE-2021-27345 CVE-2021-27347 \n CVE-2022-26291\nDebian Bug : 888506 990583\n\nSeveral security vulnerabilities have been discovered in lrzip, a\ncompression program. Invalid pointers, use-after-free and infinite\nloops would allow attackers to cause a denial of service or possibly\nother unspecified impact via a crafted compressed file.\n\nCVE-2018-5786\n\n There is an infinite loop and application hang in the get_fileinfo\n function (lrzip.c). Remote attackers could leverage this\n vulnerability to cause a denial of service via a crafted lrz file.\n\nCVE-2020-25467\n\n A null pointer dereference was discovered lzo_decompress_buf in\n stream.c which allows an attacker to cause a denial of service\n (DOS) via a crafted compressed file.\n\nCVE-2021-27345\n\n A null pointer dereference was discovered in ucompthread in\n stream.c which allows attackers to cause a denial of service (DOS)\n via a crafted compressed file.\n\nCVE-2021-27347\n\n Use after free in lzma_decompress_buf function in stream.c in\n allows attackers to cause Denial of Service (DoS) via a crafted\n compressed file.\n\nCVE-2022-26291\n\n lrzip was discovered to contain a multiple concurrency\n use-after-free between the functions zpaq_decompress_buf() and\n clear_rulist(). This vulnerability allows attackers to cause a\n Denial of Service (DoS) via a crafted lrz file.\n\nFor Debian 9 stretch, these problems have been fixed in version\n0.631-1+deb9u2.\n\nWe recommend that you upgrade your lrzip packages.\n\nFor the detailed security status of lrzip please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/lrzip\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-04-13T13:47:08", "type": "debian", "title": "[SECURITY] [DLA 2981-1] lrzip security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5786", "CVE-2020-25467", "CVE-2021-27345", "CVE-2021-27347", "CVE-2022-26291"], "modified": "2022-04-13T13:47:08", "id": "DEBIAN:DLA-2981-1:693A2", "href": "https://lists.debian.org/debian-lts-announce/2022/04/msg00012.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-27T06:11:43", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5145-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMay 24, 2022 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : lrzip\nCVE ID : CVE-2018-5786 CVE-2022-26291 CVE-2022-28044\n\nMultiple vulnerabilities have been discovered in the lrzip compression\nprogram which could result in denial of service or potentially the\nexecution of arbitrary code.\n\nFor the oldstable distribution (buster), these problems have been fixed\nin version 0.631+git180528-1+deb10u1. This update also addresses\nCVE-2021-27345, CVE-2020-25467 and CVE-2021-27347.\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 0.641-1+deb11u1.\n\nWe recommend that you upgrade your lrzip packages.\n\nFor the detailed security status of lrzip please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/lrzip\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-24T17:48:54", "type": "debian", "title": "[SECURITY] [DSA 5145-1] lrzip security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5786", "CVE-2020-25467", "CVE-2021-27345", "CVE-2021-27347", "CVE-2022-26291", "CVE-2022-28044"], "modified": "2022-05-24T17:48:54", "id": "DEBIAN:DSA-5145-1:9B718", "href": "https://lists.debian.org/debian-security-announce/2022/msg00113.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T10:32:17", "description": "It was discovered that Long Range ZIP incorrectly handled certain \nspecially crafted lrz files. A remote attacker could possibly use this \nissue to cause a denial of service (crash) or other unspecified impact.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2021-12-06T00:00:00", "type": "ubuntu", "title": "Long Range ZIP vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9058", "CVE-2017-8844", "CVE-2017-8846", "CVE-2017-9928", "CVE-2018-5786", "CVE-2017-9929", "CVE-2018-10685", "CVE-2018-5747", "CVE-2018-5650", "CVE-2018-11496"], "modified": "2021-12-06T00:00:00", "id": "USN-5171-1", "href": "https://ubuntu.com/security/notices/USN-5171-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2022-02-01T00:00:00", "description": "The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5171-1 advisory.\n\n - The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive. (CVE-2017-8844)\n\n - The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive. (CVE-2017-8846)\n\n - In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file. (CVE-2017-9928)\n\n - In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file. (CVE-2017-9929)\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. (CVE-2018-5650)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c).\n Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.\n (CVE-2018-5747)\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. (CVE-2018-5786)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (CVE-2018-10685)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation. (CVE-2018-11496)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-12-08T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS : Long Range ZIP vulnerabilities (USN-5171-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8844", "CVE-2017-8846", "CVE-2017-9928", "CVE-2017-9929", "CVE-2018-5650", "CVE-2018-5747", "CVE-2018-5786", "CVE-2018-9058", "CVE-2018-10685", "CVE-2018-11496"], "modified": "2021-12-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:lrzip"], "id": "UBUNTU_USN-5171-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155943", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5171-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155943);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/10\");\n\n script_cve_id(\n \"CVE-2017-8844\",\n \"CVE-2017-8846\",\n \"CVE-2017-9928\",\n \"CVE-2017-9929\",\n \"CVE-2018-5650\",\n \"CVE-2018-5747\",\n \"CVE-2018-5786\",\n \"CVE-2018-9058\",\n \"CVE-2018-10685\",\n \"CVE-2018-11496\"\n );\n script_xref(name:\"USN\", value:\"5171-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS : Long Range ZIP vulnerabilities (USN-5171-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-5171-1 advisory.\n\n - The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial\n of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact\n via a crafted archive. (CVE-2017-8844)\n\n - The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a\n denial of service (use-after-free and application crash) via a crafted archive. (CVE-2017-8846)\n\n - In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which\n allows attackers to cause a denial of service via a crafted file. (CVE-2017-9928)\n\n - In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which\n allows attackers to cause a denial of service via a crafted file. (CVE-2017-9929)\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match\n function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via\n a crafted lrz file. (CVE-2018-5650)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c).\n Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.\n (CVE-2018-5747)\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo\n function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a\n crafted lrz file. (CVE-2018-5786)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of\n stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have\n unspecified other impact. (CVE-2018-10685)\n\n - In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because\n decompress_file in lrzip.c lacks certain size validation. (CVE-2018-11496)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5171-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected lrzip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10685\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lrzip\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'lrzip', 'pkgver': '0.631-1+deb9u1build0.18.04.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'lrzip');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T12:26:56", "description": "The remote host is affected by the vulnerability described in GLSA-202005-01 (Long Range ZIP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Long Range ZIP. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could entice a user to open a specially crafted archive file possibly resulting in a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-05-13T00:00:00", "type": "nessus", "title": "GLSA-202005-01 : Long Range ZIP: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8842", "CVE-2017-8843", "CVE-2017-8844", "CVE-2017-8845", "CVE-2017-8846", "CVE-2017-8847", "CVE-2017-9928", "CVE-2017-9929"], "modified": "2020-05-15T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:lrzip", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202005-01.NASL", "href": "https://www.tenable.com/plugins/nessus/136538", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202005-01.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136538);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/15\");\n\n script_cve_id(\"CVE-2017-8842\", \"CVE-2017-8843\", \"CVE-2017-8844\", \"CVE-2017-8845\", \"CVE-2017-8846\", \"CVE-2017-8847\", \"CVE-2017-9928\", \"CVE-2017-9929\");\n script_xref(name:\"GLSA\", value:\"202005-01\");\n\n script_name(english:\"GLSA-202005-01 : Long Range ZIP: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-202005-01\n(Long Range ZIP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Long Range ZIP. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted\n archive file possibly resulting in a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202005-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Long Range ZIP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-arch/lrzip-0.631_p20190619'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:lrzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-arch/lrzip\", unaffected:make_list(\"ge 0.631_p20190619\"), vulnerable:make_list(\"lt 0.631_p20190619\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Long Range ZIP\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-01T18:41:21", "description": "The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2981 advisory.\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. (CVE-2018-5786)\n\n - A null pointer dereference was discovered lzo_decompress_buf in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service (DOS) via a crafted compressed file. (CVE-2020-25467)\n\n - A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service (DOS) via a crafted compressed file. (CVE-2021-27345)\n\n - Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file. (CVE-2021-27347)\n\n - lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted Irz file. (CVE-2022-26291)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2022-04-13T00:00:00", "type": "nessus", "title": "Debian DLA-2981-1 : lrzip - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5786", "CVE-2020-25467", "CVE-2021-27345", "CVE-2021-27347", "CVE-2022-26291"], "modified": "2022-04-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:lrzip", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2981.NASL", "href": "https://www.tenable.com/plugins/nessus/159716", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2981. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159716);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/13\");\n\n script_cve_id(\n \"CVE-2018-5786\",\n \"CVE-2020-25467\",\n \"CVE-2021-27345\",\n \"CVE-2021-27347\",\n \"CVE-2022-26291\"\n );\n\n script_name(english:\"Debian DLA-2981-1 : lrzip - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the\ndla-2981 advisory.\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo\n function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a\n crafted lrz file. (CVE-2018-5786)\n\n - A null pointer dereference was discovered lzo_decompress_buf in stream.c in Irzip 0.621 which allows an\n attacker to cause a denial of service (DOS) via a crafted compressed file. (CVE-2020-25467)\n\n - A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers\n to cause a denial of service (DOS) via a crafted compressed file. (CVE-2021-27345)\n\n - Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial\n of Service (DoS) via a crafted compressed file. (CVE-2021-27347)\n\n - lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions\n zpaq_decompress_buf() and clear_rulist(). This vulnerability allows attackers to cause a Denial of Service\n (DoS) via a crafted Irz file. (CVE-2022-26291)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/lrzip\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2981\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-5786\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-25467\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-27345\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-27347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/lrzip\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the lrzip packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 0.631-1+deb9u2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26291\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lrzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'lrzip', 'reference': '0.631-1+deb9u2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'lrzip');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-30T18:06:34", "description": "The remote Debian 10 / 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5145 advisory.\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. (CVE-2018-5786)\n\n - A null pointer dereference was discovered lzo_decompress_buf in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service (DOS) via a crafted compressed file. (CVE-2020-25467)\n\n - A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service (DOS) via a crafted compressed file. (CVE-2021-27345)\n\n - Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file. (CVE-2021-27347)\n\n - lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted Irz file. (CVE-2022-26291)\n\n - Irzip v0.640 was discovered to contain a heap memory corruption via the component lrzip.c:initialise_control. (CVE-2022-28044)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-05-24T00:00:00", "type": "nessus", "title": "Debian DSA-5145-1 : lrzip - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5786", "CVE-2020-25467", "CVE-2021-27345", "CVE-2021-27347", "CVE-2022-26291", "CVE-2022-28044"], "modified": "2022-05-24T00:00:00", "cpe": ["cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:lrzip:*:*:*:*:*:*:*"], "id": "DEBIAN_DSA-5145.NASL", "href": "https://www.tenable.com/plugins/nessus/161494", "sourceData": "#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5145. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161494);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/24\");\n\n script_cve_id(\n \"CVE-2018-5786\",\n \"CVE-2020-25467\",\n \"CVE-2021-27345\",\n \"CVE-2021-27347\",\n \"CVE-2022-26291\",\n \"CVE-2022-28044\"\n );\n\n script_name(english:\"Debian DSA-5145-1 : lrzip - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 / 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the\ndsa-5145 advisory.\n\n - In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo\n function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a\n crafted lrz file. (CVE-2018-5786)\n\n - A null pointer dereference was discovered lzo_decompress_buf in stream.c in Irzip 0.621 which allows an\n attacker to cause a denial of service (DOS) via a crafted compressed file. (CVE-2020-25467)\n\n - A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers\n to cause a denial of service (DOS) via a crafted compressed file. (CVE-2021-27345)\n\n - Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial\n of Service (DoS) via a crafted compressed file. (CVE-2021-27347)\n\n - lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions\n zpaq_decompress_buf() and clear_rulist(). This vulnerability allows attackers to cause a Denial of Service\n (DoS) via a crafted Irz file. (CVE-2022-26291)\n\n - Irzip v0.640 was discovered to contain a heap memory corruption via the component\n lrzip.c:initialise_control. (CVE-2022-28044)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/lrzip\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5145\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-5786\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-25467\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-27345\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-27347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-28044\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/lrzip\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/lrzip\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the lrzip packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 0.641-1+deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-28044\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lrzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(10)\\.[0-9]+|^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0 / 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'lrzip', 'reference': '0.631+git180528-1+deb10u1'},\n {'release': '11.0', 'prefix': 'lrzip', 'reference': '0.641-1+deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'lrzip');\n}\n", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:02:05", "description": "### Background\n\nOptimized for compressing large files\n\n### Description\n\nMultiple vulnerabilities have been discovered in Long Range ZIP. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted archive file possibly resulting in a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Long Range ZIP users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/lrzip-0.631_p20190619\"", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-05-12T00:00:00", "type": "gentoo", "title": "Long Range ZIP: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8842", "CVE-2017-8843", "CVE-2017-8844", "CVE-2017-8845", "CVE-2017-8846", "CVE-2017-8847", "CVE-2017-9928", "CVE-2017-9929"], "modified": "2020-05-12T00:00:00", "id": "GLSA-202005-01", "href": "https://security.gentoo.org/glsa/202005-01", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2022-04-15T07:35:04", "description": "In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-05-26T20:29:00", "type": "debiancve", "title": "CVE-2018-11496", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11496"], "modified": "2018-05-26T20:29:00", "id": "DEBIANCVE:CVE-2018-11496", "href": "https://security-tracker.debian.org/tracker/CVE-2018-11496", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-15T07:35:04", "description": "In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-06-26T07:29:00", "type": "debiancve", "title": "CVE-2017-9929", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9929"], "modified": "2017-06-26T07:29:00", "id": "DEBIANCVE:CVE-2017-9929", "href": "https://security-tracker.debian.org/tracker/CVE-2017-9929", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-15T07:35:04", "description": "In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-06-26T07:29:00", "type": "debiancve", "title": "CVE-2017-9928", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9928"], "modified": "2017-06-26T07:29:00", "id": "DEBIANCVE:CVE-2017-9928", "href": "https://security-tracker.debian.org/tracker/CVE-2017-9928", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-15T07:35:04", "description": "In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-01-12T22:29:00", "type": "debiancve", "title": "CVE-2018-5650", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5650"], "modified": "2018-01-12T22:29:00", "id": "DEBIANCVE:CVE-2018-5650", "href": "https://security-tracker.debian.org/tracker/CVE-2018-5650", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-15T07:35:04", "description": "In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-05-02T22:29:00", "type": "debiancve", "title": "CVE-2018-10685", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10685"], "modified": "2018-05-02T22:29:00", "id": "DEBIANCVE:CVE-2018-10685", "href": "https://security-tracker.debian.org/tracker/CVE-2018-10685", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-15T07:35:04", "description": "The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-05-08T14:29:00", "type": "debiancve", "title": "CVE-2017-8846", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8846"], "modified": "2017-05-08T14:29:00", "id": "DEBIANCVE:CVE-2017-8846", "href": "https://security-tracker.debian.org/tracker/CVE-2017-8846", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-24T19:03:38", "description": "In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-01-19T08:29:00", "type": "debiancve", "title": "CVE-2018-5786", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5786"], "modified": "2018-01-19T08:29:00", "id": "DEBIANCVE:CVE-2018-5786", "href": "https://security-tracker.debian.org/tracker/CVE-2018-5786", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-15T07:35:04", "description": "The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-05-08T14:29:00", "type": "debiancve", "title": "CVE-2017-8844", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8844"], "modified": "2017-05-08T14:29:00", "id": "DEBIANCVE:CVE-2017-8844", "href": "https://security-tracker.debian.org/tracker/CVE-2017-8844", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-15T07:35:04", "description": "In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-01-17T19:29:00", "type": "debiancve", "title": "CVE-2018-5747", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5747"], "modified": "2018-01-17T19:29:00", "id": "DEBIANCVE:CVE-2018-5747", "href": "https://security-tracker.debian.org/tracker/CVE-2018-5747", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T12:21:23", "description": "In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-05-26T20:29:00", "type": "cve", "title": "CVE-2018-11496", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11496"], "modified": "2021-08-02T00:15:00", "cpe": ["cpe:/a:lrzip_project:lrzip:0.631"], "id": "CVE-2018-11496", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11496", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:lrzip_project:lrzip:0.631:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:01:19", "description": "In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-06-26T07:29:00", "type": "cve", "title": "CVE-2017-9929", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9929"], "modified": "2021-08-02T00:15:00", "cpe": ["cpe:/a:lrzip_project:lrzip:0.631"], "id": "CVE-2017-9929", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9929", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:lrzip_project:lrzip:0.631:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:01:19", "description": "In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-06-26T07:29:00", "type": "cve", "title": "CVE-2017-9928", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9928"], "modified": "2021-08-02T00:15:00", "cpe": ["cpe:/a:lrzip_project:lrzip:0.631"], "id": "CVE-2017-9928", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9928", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:lrzip_project:lrzip:0.631:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T17:50:32", "description": "In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-01-12T22:29:00", "type": "cve", "title": "CVE-2018-5650", "cwe": ["CWE-835"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5650"], "modified": "2021-08-02T00:15:00", "cpe": ["cpe:/a:long_range_zip_project:long_range_zip:0.631"], "id": "CVE-2018-5650", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5650", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:long_range_zip_project:long_range_zip:0.631:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:06:58", "description": "In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-05-02T22:29:00", "type": "cve", "title": "CVE-2018-10685", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10685"], "modified": "2021-08-02T00:15:00", "cpe": ["cpe:/a:long_range_zip_project:long_range_zip:0.631"], "id": "CVE-2018-10685", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10685", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:long_range_zip_project:long_range_zip:0.631:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T18:52:32", "description": "The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-05-08T14:29:00", "type": "cve", "title": "CVE-2017-8846", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8846"], "modified": "2021-08-02T00:15:00", "cpe": ["cpe:/a:lrzip_project:lrzip:0.631"], "id": "CVE-2017-8846", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8846", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:lrzip_project:lrzip:0.631:*:*:*:*:*:*:*"]}, {"lastseen": "2022-05-25T01:27:38", "description": "In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-01-19T08:29:00", "type": "cve", "title": "CVE-2018-5786", "cwe": ["CWE-835"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5786"], "modified": "2022-05-24T23:15:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/a:long_range_zip_project:long_range_zip:0.631"], "id": "CVE-2018-5786", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5786", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:long_range_zip_project:long_range_zip:0.631:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T18:52:31", "description": "The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-05-08T14:29:00", "type": "cve", "title": "CVE-2017-8844", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8844"], "modified": "2021-08-02T00:15:00", "cpe": ["cpe:/a:lrzip_project:lrzip:0.631"], "id": "CVE-2017-8844", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8844", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:lrzip_project:lrzip:0.631:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T17:55:55", "description": "In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-01-17T19:29:00", "type": "cve", "title": "CVE-2018-5747", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5747"], "modified": "2021-08-02T00:15:00", "cpe": ["cpe:/a:lrzip_project:lrzip:0.631"], "id": "CVE-2018-5747", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5747", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:lrzip_project:lrzip:0.631:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2021-12-08T21:44:42", "description": "In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in\nread_stream in stream.c, because decompress_file in lrzip.c lacks certain\nsize validation.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-05-26T00:00:00", "type": "ubuntucve", "title": "CVE-2018-11496", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11496"], "modified": "2018-05-26T00:00:00", "id": "UB:CVE-2018-11496", "href": "https://ubuntu.com/security/CVE-2018-11496", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-08T21:49:19", "description": "In lrzip 0.631, a stack buffer overflow was found in the function\nget_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of\nservice via a crafted file.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866020>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-06-26T00:00:00", "type": "ubuntucve", "title": "CVE-2017-9929", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9929"], "modified": "2017-06-26T00:00:00", "id": "UB:CVE-2017-9929", "href": "https://ubuntu.com/security/CVE-2017-9929", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-08T21:49:19", "description": "In lrzip 0.631, a stack buffer overflow was found in the function\nget_fileinfo in lrzip.c:979, which allows attackers to cause a denial of\nservice via a crafted file.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866022>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-06-26T00:00:00", "type": "ubuntucve", "title": "CVE-2017-9928", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9928"], "modified": "2017-06-26T00:00:00", "id": "UB:CVE-2017-9928", "href": "https://ubuntu.com/security/CVE-2017-9928", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-08T21:46:30", "description": "In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and\napplication hang in the unzip_match function in runzip.c. Remote attackers\ncould leverage this vulnerability to cause a denial of service via a\ncrafted lrz file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-01-12T00:00:00", "type": "ubuntucve", "title": "CVE-2018-5650", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5650"], "modified": "2018-01-12T00:00:00", "id": "UB:CVE-2018-5650", "href": "https://ubuntu.com/security/CVE-2018-5650", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-07T21:36:08", "description": "In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the\nlzma_decompress_buf function of stream.c, which allows remote attackers to\ncause a denial of service (application crash) or possibly have unspecified\nother impact.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-02T00:00:00", "type": "ubuntucve", "title": "CVE-2018-10685", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10685"], "modified": "2018-05-02T00:00:00", "id": "UB:CVE-2018-10685", "href": "https://ubuntu.com/security/CVE-2018-10685", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-08T21:49:59", "description": "The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows\nremote attackers to cause a denial of service (use-after-free and\napplication crash) via a crafted archive.\n\n#### Bugs\n\n * <https://github.com/ckolivas/lrzip/issues/71>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-05-08T00:00:00", "type": "ubuntucve", "title": "CVE-2017-8846", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8846"], "modified": "2017-05-08T00:00:00", "id": "UB:CVE-2017-8846", "href": "https://ubuntu.com/security/CVE-2017-8846", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-06T21:37:14", "description": "In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and\napplication hang in the get_fileinfo function (lrzip.c). Remote attackers\ncould leverage this vulnerability to cause a denial of service via a\ncrafted lrz file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-01-19T00:00:00", "type": "ubuntucve", "title": "CVE-2018-5786", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5786"], "modified": "2018-01-19T00:00:00", "id": "UB:CVE-2018-5786", "href": "https://ubuntu.com/security/CVE-2018-5786", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-07T21:42:00", "description": "The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows\nremote attackers to cause a denial of service (heap-based buffer overflow\nand application crash) or possibly have unspecified other impact via a\ncrafted archive.\n\n#### Bugs\n\n * <https://github.com/ckolivas/lrzip/issues/70>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-08T00:00:00", "type": "ubuntucve", "title": "CVE-2017-8844", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8844"], "modified": "2017-05-08T00:00:00", "id": "UB:CVE-2017-8844", "href": "https://ubuntu.com/security/CVE-2017-8844", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-08T21:46:24", "description": "In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the\nucompthread function (stream.c). Remote attackers could leverage this\nvulnerability to cause a denial of service via a crafted lrz file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-01-17T00:00:00", "type": "ubuntucve", "title": "CVE-2018-5747", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5747"], "modified": "2018-01-17T00:00:00", "id": "UB:CVE-2018-5747", "href": "https://ubuntu.com/security/CVE-2018-5747", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2022-05-21T01:22:10", "description": "In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-20T23:52:37", "type": "redhatcve", "title": "CVE-2018-10685", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10685"], "modified": "2022-05-20T23:52:37", "id": "RH:CVE-2018-10685", "href": "https://access.redhat.com/security/cve/cve-2018-10685", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "veracode": [{"lastseen": "2022-05-30T19:28:06", "description": "lrzip is vulnerable to denial of service. The vulnerability exists because there is an infinite loop and application hang in the get_fileinfo function in lrzip.c which allows a remote attackers to cause a denial of service via a crafted lrz file.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-04-17T03:50:07", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5786"], "modified": "2022-05-25T01:51:45", "id": "VERACODE:35134", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-35134/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}]}

Debian DLA-2725-1 : lrzip - LTS security update

Description

Related