LHA 1.x Multiple extract_one Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/10354/info LHA has been reported prone to multiple vulnerabilities that may allow a malicious archive to execute arbitrary code or corrupt arbitrary files when the archive is operated on. These issues are triggered in the...

multiple vulnerabilities in lha

Buffer underflow in the buildtree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index...

Debian DSA-515-1 : lha - several vulnerabilities

Two vulnerabilities were discovered in lha : - CAN-2004-0234 - Multiple stack-based buffer overflows in the getheader function in header.c for LHA 1.14 allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow...

GLSA-200409-13 : LHa: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200409-13 LHa: Multiple vulnerabilities The command line argument as well as the archive parsing code of LHa lack sufficient bounds checking. Furthermore, a shell meta character command execution vulnerability exists in LHa, since...

LHa: Multiple vulnerabilities

Background LHa is a console-based program for packing and unpacking LHarc archives. Description The command line argument as well as the archive parsing code of LHa lack sufficient bounds checking. Furthermore, a shell meta character command execution vulnerability exists in LHa, since it does no...

GLSA-200405-02 : Multiple vulnerabilities in LHa

The remote host is affected by the vulnerability described in GLSA-200405-02 Multiple vulnerabilities in LHa Ulf Harnhammar found two stack overflows and two directory traversal vulnerabilities in LHa version 1.14 and 1.17. A stack overflow occurs when testing or extracting archives containing lo...

CVE-2004-0769

Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771...

Fedora Core 1 : lha-1.14i-12.1 (2004-119)

Ulf Harnhammar discovered two stack-based buffer overflows and two directory traversal flaws in LHA. An attacker could exploit the buffer overflows by creating a carefully crafted LHA archive in such a way that arbitrary code would be executed when the archive is tested or extracted by a victim...

LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities

//source: https://www.securityfocus.com/bid/10354/info // //LHA has been reported prone to multiple vulnerabilities that may allow a malicious archive to execute arbitrary code or corrupt arbitrary files when the archive is operated on. These issues are triggered in the 'extractone' and are due t...

lha buffer overflow(s) again

i posted it yesterday to [email protected] but mailbox is disabled for that recipient :-/ Date: Sat, 15 May 2004 00:24:09 +0200 CEST From: Lukasz Wojtow [email protected] To: [email protected] Subject: LHA buffer overflow not the last one already fixed it seems that lha is quite poorly written...

Multiple vulnerabilities in LHa

Background LHa is a console-based program for packing and unpacking LHarc archives. Description Ulf Harnhammar found two stack overflows and two directory traversal vulnerabilities in LHa version 1.14 and 1.17. A stack overflow occurs when testing or extracting archives containing long file or...

[Full-Disclosure] LHa repercussions: WinZip, WinRar, CommuniGate Pro McAfee plugin, blog

According to various sources on the net, the vulnerable LHa code has been used in other products. SecurityFocus says that WinZip and WinRar also are vulnerable to the LHa buffer overflows: http://www.securityfocus.com/bid/10243/info/ I have found a mailing list discussion about my LHa test archiv...

LHA 1.x - Remote Buffer Overflow / Directory Traversal

// source: https://www.securityfocus.com/bid/10243/info LHA has been reported prone to multiple vulnerabilities that may allow a malicious archive to execute arbitrary code or corrupt arbitrary files when the archive is operated on. The first issues reported have been assigned the CVE candidate...

LHA 1.x - Remote Buffer Overflow Directory Traversal

LHA 1.x - Remote Buffer Overflow Directory Traversal // source: https://www.securityfocus.com/bid/10243/info LHA has been reported prone to multiple vulnerabilities that may allow a malicious archive to execute arbitrary code or corrupt arbitrary files when the archive is operated on. The first...

lha buffer overflows and path traversal issues

Ulf Härnhammar discovered several vulnerabilities in LHa for UNIX's path name handling code. Specially constructed archive files may cause LHa to overwrite files or execute arbitrary code with the privileges of the user invoking LHa. This could be particularly harmful for automated systems that...