Article

Red Hat says lha vulnerable to attack

Bill Brenner

Red Hat recommends those who use the lha archiving and compression tool update their packages to fix vulnerabilities attackers could exploit to trigger a buffer overflow or execute arbitrary code.

The advisory said researcher Lukasz

    Requires Free Membership to View

Wojtow discovered a stack-based buffer overflow in all versions of lha -- an archiving and compression utility for "lharc" format archives -- up to and including version 1.14.

"A carefully created archive could allow an attacker to execute arbitrary code when a victim extracts or tests the archive," Red Hat said. "If a malicious user could trick a victim into passing a specially crafted command line to the lha command, it is possible that arbitrary code could be executed. An updated lha package that fixes a buffer overflow is now available."

The advisory said researcher Thomas Biege discovered another problem: a shell meta character command execution vulnerability in all versions of lha up to and including 1.14.

"An attacker could create a directory with shell meta characters in its name which could lead to arbitrary command execution," Red Hat said.

The advisory recommended users of lha switch to the updated package, which contains "backported" patches that are not vulnerable to these issues. The problems affect the following products:

  • Red Hat Desktop (v. 3)
  • Red Hat Enterprise Linux AS (v. 3)
  • Red Hat Enterprise Linux ES (v. 3)
  • Red Hat Enterprise Linux WS (v. 3)

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: