123019 – CAN-2004-0234/0235 lha security flaws

Bug 123019 - CAN-2004-0234/0235 lha security flaws

Summary: CAN-2004-0234/0235 lha security flaws

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	lha
Sub Component:
Version:	1
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Than Ngo
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-05-11 12:08 UTC by Leonard den Ottolander
Modified:	2007-11-30 22:10 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2004-05-20 10:18:25 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Leonard den Ottolander 2004-05-11 12:08:43 UTC

Ulf HÃ¤rnhammar discovered two stack buffer overflows and two directory
traversal flaws in LHA.  An attacker could exploit the buffer
overflows by creating a carefully crafted LHA archive in such a way
that arbitrary code would be executed when the archive is tested or
extracted by a victim.  CAN-2004-0234.  An attacker could exploit the
directory traversal issues to create files as the victim outside of
the expected directory.  CAN-2004-0235.

These issues seem to be fixed in FC2t3. You can probably just rebuild
lha-1.14i-14 from FC2 for FC1.

Comment 1 Than Ngo 2004-05-11 12:41:17 UTC

lha.1.14i-12.1 was built into 10-updates-candidate on May05 and will
be available very soon.

Comment 2 Mark J. Cox 2004-05-20 10:18:25 UTC

http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html

Note You need to log in before you can comment on or make changes to this bug.