Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0234

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0234
Last Modified 18 Aug 2013 12:31:17
Published 18 Aug 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0234

Summary

Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.

Vulnerable Systems

Operating System

  • Redhat Fedora Core Core 1.0

Application

  • Clearswift Mailsweeper 4.0

  • Clearswift Mailsweeper 4.1

  • Clearswift Mailsweeper 4.2

  • Clearswift Mailsweeper 4.3

  • Clearswift Mailsweeper 4.3.10

  • Clearswift Mailsweeper 4.3.11

  • Clearswift Mailsweeper 4.3.13

  • Clearswift Mailsweeper 4.3.3

  • Clearswift Mailsweeper 4.3.4

  • Clearswift Mailsweeper 4.3.5

  • Clearswift Mailsweeper 4.3.6

  • Clearswift Mailsweeper 4.3.6 Sp1

  • Clearswift Mailsweeper 4.3.7

  • Clearswift Mailsweeper 4.3.8

  • F-secure Anti-virus 2003

  • F-secure Anti-virus 2004

  • F-secure Anti-virus 4.51

  • F-secure Anti-virus 4.52

  • F-secure Anti-virus 4.60

  • F-secure Anti-virus 5.41

  • F-secure Anti-virus 5.42

  • F-secure Anti-virus 5.5

  • F-secure Anti-virus 5.52

  • F-secure Anti-virus 6.21

  • F-secure For Firewalls 6.20

  • F-secure Internet Gatekeeper 6.31

  • F-secure Internet Gatekeeper 6.32

  • F-secure Internet Security 2003

  • F-secure Internet Security 2004

  • F-secure Personal Express 4.5

  • F-secure Personal Express 4.6

  • F-secure Personal Express 4.7

  • Rarlab Winrar 3.20

  • Redhat Lha 1.14i-9

  • Sgi Propack 2.4

  • Sgi Propack 3.0

  • Stalker Cgpmcafee 3.2

  • Tsugio Okamoto Lha 1.14

  • Tsugio Okamoto Lha 1.15

  • Tsugio Okamoto Lha 1.17

  • Winzip 9.0


References

BID - 10243

BUGTRAQ - 20040510 [Ulf Harnhammar]: LHA Advisory + Patch

FEDORA - FLSA:1833

XF - lha-multiple-bo(16012)

VUPEN - ADV-2006-1220

REDHAT - RHSA-2004:179

REDHAT - RHSA-2004:178

FEDORA - FEDORA-2004-119

OSVDB - 5754

OSVDB - 5753

MISC - http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt

DEBIAN - DSA-515

SECTRACK - 1015866

GENTOO - GLSA-200405-02

SECUNIA - 19514

FULLDISC - 20040502 Lha local stack overflow Proof Of Concept Code

FULLDISC - 20040501 LHa buffer overflows and directory traversal problems

CONECTIVA - CLA-2004:840

BUGTRAQ - 20060403 Barracuda LHA archiver security bug leads to remote compromise


Last Updated: 27 May 2016 10:38:32