Executive Summary
Summary | |
---|---|
Title | Lhaca buffer overflow vulnerability |
Informations | |||
---|---|---|---|
Name | VU#871497 | First vendor Publication | 2007-07-06 |
Vendor | VU-CERT | Last vendor Modification | 2007-07-17 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#871497Lhaca buffer overflow vulnerabilityOverviewThe Lhaca archiving program contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code.I. DescriptionLHA is an archive file format. LHA is used by the Lhaca compression utility.A stack buffer overflow vulnerability exists in the Lhaca program. This vulnerability occurs due to insuffiecient bounds checking. Note that there are reports that this vulnerability is being publicly exploited. The vendor has released Lhaca version 1.23 to address this issue. Users are encouraged to upgrade as soon as possible.
References
Thanks to Lhaca, Symantec, and Vuln.sg for information that was used in this report. This document was written by Ryan Giobbi.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/871497 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
5753 | LHA get_header() Function File / Directory Name Handling Overflow A remote overflow exists in LHA. The get_header() function fails to perform proper bounds checking resulting in a buffer overflow. By sending an LHA archive containing files with overly long file or directory names, a remote attacker can cause arbitrary code execution resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-515.nasl - Type : ACT_GATHER_INFO |