4 matches found
Debian DSA-959-1 : unalz - buffer overflow
Ulf Harnhammar from the Debian Security Audit Project discovered that unalz, a decompressor for ALZ archives, performs insufficient bounds checking when parsing file names. This can lead to arbitrary code execution if an attacker provides a crafted ALZ archive. %NASLMINLEVEL 70300 C Tenable Netwo...
[SECURITY] [DSA 959-1] New unalz packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 959-1 [email protected] http://www.debian.org/security/ Martin Schulze January 30th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 959-1] New unalz packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 959-1 [email protected] http://www.debian.org/security/ Martin Schulze January 30th, 2006 http://www.debian.org/security/faq -...
CVE-2005-3862
CVE-2005-3862 affects the unalz decompressor for ALZ archives. Debian advisories (DSA-959-1) document a buffer overflow caused by insufficient bounds checking when parsing file names, enabling arbitrary code execution via a crafted ALZ archive. Remediation in provided docs: upgrade unalz to versi...