EUVD-2004-1025

Malware in sbrugna...

Updated unarj packages fix security vulnerability

Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. CVE-2004-0947 Directory traversal vulnerability in the -x extract command line option in unarj allows remote attackers to overwrite arbitrary files via an ar...

MGASA-2023-0107 Updated unarj packages fix security vulnerability

Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. CVE-2004-0947 Directory traversal vulnerability in the -x extract command line option in unarj allows remote attackers to overwrite arbitrary files via an ar...

SUSE CVE-2004-0947

Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames...

The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting may insecurely load Dynamic Link Libraries

Overview The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting provided by Micco use the old version of Self-Extracting Archives created by UNLHA32.DLL. They contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427, CVE-2018-16189. Eili...

Fedora Core 2 : unarj-2.63a-7 (2004-414)

A buffer overflow bug has been discovered in unarj when handling long file names contained in an archive. An attacker could create an archive with a specially crafted path which could cause unarj to crash or execute arbitrary instructions. The Common Vulnerabilities and Exposures project...

SLES9: Security update for unarj

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: unarj For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5015411 within the SuSE...

SLES9: Security update for unarj

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: unarj For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5015411 within the SuSE...

SuSE9 Security Update : unarj (YOU Patch Number 9523)

A directory traversal bug was spotted in the unarj program CVE-2004-0947. Additionaly SUSE Security audited unarj and found several buffer overflows which are also fixed by this update. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

Gentoo Security Advisory GLSA 200411-29 (unarj)

The remote host is missing updates announced in advisory GLSA 200411-29. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200411-29 (unarj)

The remote host is missing updates announced in advisory GLSA 200411-29. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Ports: unarj

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: unarj

The remote host is missing an update to the system as announced in the referenced advisory. VID a163baff-3fe1-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: unarj

The remote host is missing an update to the system as announced in the referenced advisory. VID 1f922de0-3fe5-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: unarj

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Debian Security Advisory DSA 652-1 (unarj)

The remote host is missing an update to unarj announced via advisory DSA 652-1. OpenVAS Vulnerability Test $Id: deb6521.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 652-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-652-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MailMarshal UNARJ解压目录遍历漏洞

MailMarshal SMTP是适用于业务网络的邮件安全解决方案。 MailMarshal用于解压.ARJ文档文件的解压例程中存在目录遍历漏洞，远程攻击者可能利用此漏洞在系统的任意位置创建文件。 由于没有对包含有目录遍历字符串（如“../”）的解压文件名执行正确的沙盒限制，攻击者可以通过诱骗用户打开恶意的ARJ文档在任意位置创建文件。 Marshal MailMarshal SMTP 6.0 Marshal MailMarshal SMTP 5.0 Marshal MailMarshal SMTP 2006 Marshal MailMarshal for Exchange 5.0...

FreeBSD : unarj -- directory traversal vulnerability (1f922de0-3fe5-11d9-a9e7-0001020eed82)

unarj has insufficient checks for filenames that contain ... This can allow an attacker to overwrite arbitrary files with the permissions of the user running unarj. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...

FreeBSD : unarj -- long filename buffer overflow (a163baff-3fe1-11d9-a9e7-0001020eed82)

Ludwig Nussel has discovered a buffer overflow vulnerability in unarj's handling of long filenames which could potentially lead to execution of arbitrary code with the permissions of the user running unarj. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...