Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
NameCVE-2016-2347First vendor Publication2017-04-21
VendorCveLast vendor Modification2018-10-30

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score6.8Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2347

CWE : Common Weakness Enumeration

%idName
100 %CWE-190Integer Overflow or Wraparound (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Os2
Os1
Os1

Snort® IPS/IDS

DateDescription
2016-03-14lhasa decode_level3_header heap corruption attempt
RuleID : 37494 - Revision : 3 - Type : FILE-OTHER
2016-03-14lhasa decode_level3_header heap corruption attempt
RuleID : 37493 - Revision : 3 - Type : FILE-OTHER

Nessus® Vulnerability Scanner

DateDescription
2016-04-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1091-1.nasl - Type : ACT_GATHER_INFO
2016-04-14Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-454.nasl - Type : ACT_GATHER_INFO
2016-04-14Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-455.nasl - Type : ACT_GATHER_INFO
2016-04-05Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3540.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
CONFIRM https://github.com/fragglet/lhasa/commit/6fcdb8f1f538b9d63e63a5fa199c5514a15d...
https://github.com/fragglet/lhasa/releases/tag/v0.3.1
DEBIAN http://www.debian.org/security/2016/dsa-3540
MISC http://www.talosintelligence.com/reports/TALOS-2016-0095/
SUSE http://lists.opensuse.org/opensuse-updates/2016-04/msg00038.html
http://lists.opensuse.org/opensuse-updates/2016-04/msg00039.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2018-10-31 00:21:04
  • Multiple Updates
2018-01-26 12:07:12
  • Multiple Updates
2017-04-27 00:22:53
  • Multiple Updates
2017-04-22 05:23:16
  • First insertion