[gentoo-announce] [ GLSA 200409-13 ] LHa: Multiple vulnerabilities - gentoo-announce

From:	Sune Kloppenborg Jeppesen <jaervosz@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××.com, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200409-13 ] LHa: Multiple vulnerabilities
Date:	Wed, 08 Sep 2004 20:33:49
Message-Id:	`200409082210.27047.jaervosz@gentoo.org`

1

-----BEGIN PGP SIGNED MESSAGE-----

2

Hash: SHA1

3

4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

5

Gentoo Linux Security Advisory                           GLSA 200409-13

6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

7

                                            http://security.gentoo.org/

8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

9

10

  Severity: Normal

11

     Title: LHa: Multiple vulnerabilities

12

      Date: September 08, 2004

13

      Bugs: #62618

14

        ID: 200409-13

15

16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

17

18

Synopsis

19

========

20

21

Several buffer overflows and a shell metacharacter command execution

22

vulnerability have been found in LHa. These vulnerabilities can be

23

used to execute arbitrary code.

24

25

Background

26

==========

27

28

LHa is a console-based program for packing and unpacking LHarc

29

archives.

30

31

Affected packages

32

=================

33

34

    -------------------------------------------------------------------

35

     Package       /  Vulnerable  /                         Unaffected

36

    -------------------------------------------------------------------

37

  1  app-arch/lha     <= 114i-r3                            >= 114i-r4

38

39

Description

40

===========

41

42

The command line argument as well as the archive parsing code of LHa

43

lack sufficient bounds checking. Furthermore, a shell meta character

44

command execution vulnerability exists in LHa, since it does no proper

45

filtering on directory names.

46

47

Impact

48

======

49

50

Using a specially crafted command line argument or archive, an attacker

51

can cause a buffer overflow and could possibly run arbitrary code. The

52

shell meta character command execution could lead to the execution of

53

arbitrary commands by an attacker using directories containing shell

54

meta characters in their names.

55

56

Workaround

57

==========

58

59

There is no known workaround at this time.

60

61

Resolution

62

==========

63

64

All LHa users should upgrade to the latest stable version:

65

66

    # emerge sync

67

68

    # emerge -pv ">=app-arch/lha-114i-r4"

69

    # emerge ">=app-arch/lha-114i-r4"

70

71

References

72

==========

73

74

  [ 1 ] CAN-2004-0694

75

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0694

76

  [ 2 ] CAN-2004-0745

77

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0745

78

  [ 3 ] CAN-2004-0769

79

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0769

80

  [ 4 ] CAN-2004-0771

81

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0771

82

83

Availability

84

============

85

86

This GLSA and any updates to it are available for viewing at

87

the Gentoo Security Website:

88

89

  http://security.gentoo.org/glsa/glsa-200409-13.xml

90

91

Concerns?

92

=========

93

94

Security is a primary focus of Gentoo Linux and ensuring the

95

confidentiality and security of our users machines is of utmost

96

importance to us. Any security concerns should be addressed to

97

security@g.o or alternatively, you may file a bug at

98

http://bugs.gentoo.org.

99

100

License

101

=======

102

103

Copyright 2004 Gentoo Foundation, Inc; referenced text

104

belongs to its owner(s).

105

106

The contents of this document are licensed under the

107

Creative Commons - Attribution / Share Alike license.

108

109

http://creativecommons.org/licenses/by-sa/1.0

110

-----BEGIN PGP SIGNATURE-----

111

Version: GnuPG v1.2.4 (GNU/Linux)

112

113

iD8DBQFBP2bozKC5hMHO6rkRAo6QAJ92juNQPyUS+M6WJ50r6B15CgKYIgCeITvV

114

PQedVRYJvm4ShsCGtSYX9dI=

115

=Jsxk

116

-----END PGP SIGNATURE-----

1	-----BEGIN PGP SIGNED MESSAGE-----
2	Hash: SHA1
3
4	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
5	Gentoo Linux Security Advisory GLSA 200409-13
6	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
7	http://security.gentoo.org/
8	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
9
10	Severity: Normal
11	Title: LHa: Multiple vulnerabilities
12	Date: September 08, 2004
13	Bugs: #62618
14	ID: 200409-13
15
16	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17
18	Synopsis
19	========
20
21	Several buffer overflows and a shell metacharacter command execution
22	vulnerability have been found in LHa. These vulnerabilities can be
23	used to execute arbitrary code.
24
25	Background
26	==========
27
28	LHa is a console-based program for packing and unpacking LHarc
29	archives.
30
31	Affected packages
32	=================
33
34	-------------------------------------------------------------------
35	Package / Vulnerable / Unaffected
36	-------------------------------------------------------------------
37	1 app-arch/lha <= 114i-r3 >= 114i-r4
38
39	Description
40	===========
41
42	The command line argument as well as the archive parsing code of LHa
43	lack sufficient bounds checking. Furthermore, a shell meta character
44	command execution vulnerability exists in LHa, since it does no proper
45	filtering on directory names.
46
47	Impact
48	======
49
50	Using a specially crafted command line argument or archive, an attacker
51	can cause a buffer overflow and could possibly run arbitrary code. The
52	shell meta character command execution could lead to the execution of
53	arbitrary commands by an attacker using directories containing shell
54	meta characters in their names.
55
56	Workaround
57	==========
58
59	There is no known workaround at this time.
60
61	Resolution
62	==========
63
64	All LHa users should upgrade to the latest stable version:
65
66	# emerge sync
67
68	# emerge -pv ">=app-arch/lha-114i-r4"
69	# emerge ">=app-arch/lha-114i-r4"
70
71	References
72	==========
73
74	[ 1 ] CAN-2004-0694
75	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0694
76	[ 2 ] CAN-2004-0745
77	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0745
78	[ 3 ] CAN-2004-0769
79	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0769
80	[ 4 ] CAN-2004-0771
81	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0771
82
83	Availability
84	============
85
86	This GLSA and any updates to it are available for viewing at
87	the Gentoo Security Website:
88
89	http://security.gentoo.org/glsa/glsa-200409-13.xml
90
91	Concerns?
92	=========
93
94	Security is a primary focus of Gentoo Linux and ensuring the
95	confidentiality and security of our users machines is of utmost
96	importance to us. Any security concerns should be addressed to
97	security@g.o or alternatively, you may file a bug at
98	http://bugs.gentoo.org.
99
100	License
101	=======
102
103	Copyright 2004 Gentoo Foundation, Inc; referenced text
104	belongs to its owner(s).
105
106	The contents of this document are licensed under the
107	Creative Commons - Attribution / Share Alike license.
108
109	http://creativecommons.org/licenses/by-sa/1.0
110	-----BEGIN PGP SIGNATURE-----
111	Version: GnuPG v1.2.4 (GNU/Linux)
112
113	iD8DBQFBP2bozKC5hMHO6rkRAo6QAJ92juNQPyUS+M6WJ50r6B15CgKYIgCeITvV
114	PQedVRYJvm4ShsCGtSYX9dI=
115	=Jsxk
116	-----END PGP SIGNATURE-----

Gentoo Archives: gentoo-announce