3 matches found
SUSE CVE-2004-0771
Buffer overflow in the extractone function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w working directory command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise...
SUSE CVE-2007-2030
lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked...
[Full-disclosure] Barracuda LHA archiver security bug leads to remote compromise
Topic: Barracuda LHA archiver security bug leads to remote compromise Announced: 2006-04-03 Product: Barracuda Spam Firewall Vendor: http://www.barracudanetworks.com/ Impact: Remote shell access Affected product: Barracuda with firmware 3.3.03.022 AND spamdef 3.0.10045 Credits: Jean-Sebastien...