SpeedProject Multiple Product ACE Archive Handling Overflow

2006-04-26T08:17:39
ID OSVDB:24990
Type osvdb
Reporter Tan Chew Keong()
Modified 2006-04-26T08:17:39

Description

Vulnerability Description

A remote overflow exists in Squeez and SpeedCommander. Squeez and SpeedCommander fails to handle an ACE archive that contains a file with an overly long filename resulting in a stack-based buffer overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of integrity.

Solution Description

Upgrade Squeez 5 to version Squeez 5.20 Build 4600 or higher, SpeedCommander 10 to version 10.53 Build 4590 or later and SpeedCommander 11 to version 11.10 Build 4590 or later, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A remote overflow exists in Squeez and SpeedCommander. Squeez and SpeedCommander fails to handle an ACE archive that contains a file with an overly long filename resulting in a stack-based buffer overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of integrity.

References:

Vendor URL: http://www.speedproject.de/ Security Tracker: 1016003 Security Tracker: 1016002 Secunia Advisory ID:19473 Other Advisory URL: http://secunia.com/secunia_research/2006-23/advisory/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0550.html FrSIRT Advisory: ADV-2006-1535 CVE-2006-2085 Bugtraq ID: 17709