[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Redhat : RHN Errata Alert: An updated lha package fixes security vulnerability

To: jsaska@hydra.acs.uci.edu
Subject: Redhat : RHN Errata Alert: An updated lha package fixes security vulnerability
From: Duncan Phillips <dphillip@halfdome.nac.uci.edu>
Date: Wed, 1 Sep 2004 21:56:06 -0700

Red Hat Network has determined that the following advisory is applicable to
one or more of the systems you have registered:

Complete information about this errata can be found at the following location:
     https://rhn.redhat.com/network/errata/errata_details.pxt?eid=2302

Security Advisory - RHSA-2004:323-09
------------------------------------------------------------------------------
Summary:
An updated lha package fixes security vulnerability

An updated lha package that fixes a buffer overflow is now available.

Description:
LHA is an archiving and compression utility for LHarc format archives.

Lukasz Wojtow discovered a stack-based buffer overflow in all versions
of lha up to and including version 1.14.  A carefully created archive could
allow an attacker to execute arbitrary code when a victim extracts or tests
the archive.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0769 to this issue.

Buffer overflows were discovered in the command line processing of all
versions of lha up to and including version 1.14.  If a malicious user
could trick a victim into passing a specially crafted command line to the
lha command, it is possible that arbitrary code could be executed.  The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the names CAN-2004-0771 and CAN-2004-0694 to these issues.

Thomas Biege discovered a shell meta character command execution
vulnerability in all versions of lha up to and including 1.14.  An attacker
could create a directory with shell meta characters in its name which could
lead to arbitrary command execution.  The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0745 to
this issue.

Users of lha should update to this updated package which contains
backported patches and is not vulnerable to these issues.

References:
http://marc.theaimsgroup.com/?l=bugtraq&m=108668791510153
http://lw.ftw.zamosc.pl/lha-exploit.txt
------------------------------------------------------------------------------

-------------
Taking Action
-------------
You may address the issues outlined in this advisory in two ways:

     - select your server name by clicking on its name from the list
       available at the following location, and then schedule an
       errata update for it:
           https://rhn.redhat.com/network/systemlist/system_list.pxt

     - run the Update Agent on each affected server.


---------------------------------
Changing Notification Preferences
---------------------------------
To enable/disable your Errata Alert preferences globally please log in to RHN
and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.

        URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt

You can also enable/disable notification on a per system basis by selecting an
individual system from the "Systems List". From the individual system view
click the "Details" tab.


---------------------
Affected Systems List
---------------------
This Errata Advisory may apply to the systems listed below. If you know that
this errata does not apply to a system listed, it might be possible that the
package profile for that server is out of date. In that case you should run
'up2date -p' as root on the system in question to refresh your software profile.

There are 22 affected systems registered in 'Your RHN' (only systems for
which you have explicitly enabled Errata Alerts are shown).

Release   Arch       Profile Name
--------  --------   ------------
3AS       i686       durian.nac.uci.edu                      
3AS       i686       br.nac.uci.edu                          
3WS       x86_64     m33.ps.uci.edu                          
3AS       i686       hydra.nac.uci.edu                       
3AS       i686       p02.es.uci.edu                          
3AS       x86_64     mpc64.nacs.uci.edu                      
3AS       athlon     a06.es.uci.edu                          
3AS       i686       mothra.nac.uci.edu                      
3AS       x86_64     narg.nac.uci.edu                        
3AS       i686       vesta.nac.uci.edu                       
3AS       i686       cpl-console.nac.uci.edu                 
3AS       x86_64     pxe.es.uci.edu                          
3WS       i686       node-xeon-4                             
3WS       i686       node-xeon-5                             
3WS       i686       node-xeon-10                            
3AS       athlon     a11.es.uci.edu                          
3AS       x86_64     iwt01.nac.uci.edu                       
3AS       x86_64     iwt03.nac.uci.edu                       
3AS       athlon     rama.nac.uci.edu                        
3AS       athlon     tw1.ps.uci.edu                          
3AS       athlon     tw2.biomol.uci.edu                      
3WS       i686       pong.nac.uci.edu                        


The Red Hat Network Team

This message is being sent by Red Hat Network Alert to:
    RHN user login:        ucinacs
    Email address on file: <root@rhn.nacs.uci.edu>

If you lost your RHN password, you can use the information above to
retrieve it by email from the following address:
    https://rhn.redhat.com/forgot_password.pxt

To cancel these notices, go to:
    https://rhn.redhat.com/oo.pxt?uid=3145121&oid=3699264

Prev by Date: Redhat : Updated rsync package fixes security issue
Next by Date: Redhat : An updated lha package fixes security vulnerability
Previous by thread: Redhat : Updated rsync package fixes security issue
Next by thread: Redhat : An updated lha package fixes security vulnerability
Index(es):
- Date
- Thread