<title>sharutils: Buffer overflows in shar.c and unshar.c</title>
sharutils contains two buffer overflow vulnerabilities that could lead to
arbitrary code execution.
<product type="ebuild">sharutils</product>
<announced>October 01, 2004</announced>
<revised>May 22, 2006: 02</revised>
<package name="app-arch/sharutils" auto="yes" arch="*">
<unaffected range="ge">4.2.1-r10</unaffected>
<vulnerable range="le">4.2.1-r9</vulnerable>
sharutils contains utilities to manage shell archives.
sharutils contains two buffer overflows. Ulf Harnhammar discovered a
buffer overflow in shar.c, where the length of data returned by the wc
command is not checked. Florian Schilhabel discovered another buffer
overflow in unshar.c.
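The shar.c issue belongs to a common bug class: output from a helper command is read into a fixed-size buffer without a length limit. The following C sketch is an added illustration, not code from sharutils; the function names, the buffer size and the sample input are assumptions. It contrasts an unchecked read with a bounded one that also rejects truncated or non-numeric tokens.

```c
/* Bug-class illustration; names and COUNT_BUF are hypothetical, not shar.c. */
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define COUNT_BUF 16 /* assumed buffer size */

/* Unchecked: "%s" stores the whole token, however long it is, so a long
 * token writes past buf. Shown for contrast and never called here. */
long count_unchecked(FILE *fp)
{
    char buf[COUNT_BUF];
    if (fscanf(fp, "%s", buf) != 1)
        return -1;
    return strtol(buf, NULL, 10);
}

/* Checked: bounded read, then reject truncated or non-numeric tokens. */
long count_checked(FILE *fp)
{
    char buf[COUNT_BUF], *end;
    long n;
    int c;
    if (fp == NULL || fscanf(fp, "%15s", buf) != 1) /* width = COUNT_BUF - 1 */
        return -1;
    c = fgetc(fp); /* the token must end at whitespace or EOF */
    if (c != EOF && !isspace(c))
        return -1; /* token was longer than the buffer */
    errno = 0;
    n = strtol(buf, &end, 10);
    if (errno != 0 || end == buf || *end != '\0' || n < 0)
        return -1;
    return n;
}

/* Constructed sample input: a temporary file stands in for the pipe. */
FILE *stream_from(const char *text)
{
    FILE *fp = tmpfile();
    if (fp != NULL) { fputs(text, fp); rewind(fp); }
    return fp;
}

int main(void)
{
    printf("%ld %ld\n", count_checked(stream_from("   1432 archive.txt\n")),
           count_checked(stream_from("99999999999999999999 x\n")));
    return 0;
}
```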
<impact type="normal">
An attacker could exploit these vulnerabilities to execute arbitrary
code as the user running one of the sharutils programs.
There is no known workaround at this time.
All sharutils users should upgrade to the latest version:
<code>
# emerge sync
# emerge -pv &quot;&gt;=app-arch/sharutils-4.2.1-r10&quot;
# emerge &quot;&gt;=app-arch/sharutils-4.2.1-r10&quot;</code>
<uri link="">Debian Bug #265904</uri>
<uri link="">CVE-2004-1773</uri>
<metadata tag="requester" timestamp="Thu, 30 Sep 2004 04:54:59 +0000">
<metadata tag="submitter" timestamp="Thu, 30 Sep 2004 18:01:09 +0000">
<metadata tag="bugReady" timestamp="Fri, 1 Oct 2004 08:08:15 +0000">