Upstream information
Description
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 10 |
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Access Vector | Network |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Complete |
| Integrity Impact | Complete |
| Availability Impact | Complete |
SUSE Security Advisories:
- SuSE-SA:2004:010, published Tuesday, May 5th 2004 02:30 MEST
- SuSE-SA:2004:011, published Thursday, May 6th 2004 22:30 MEST
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 00:46:37 2013CVE page last modified: Fri Dec 8 16:09:28 2023