[USN-102-1] shar vulnerabilities

From: Martin Pitt (martin.pitt_at_canonical.com)
Date: 03/29/05

    Date: Tue, 29 Mar 2005 14:13:20 +0200
    To: ubuntu-security-announce@lists.ubuntu.com
    
    
    

    ===========================================================
    Ubuntu Security Notice USN-102-1 March 29, 2005
    sharutils vulnerabilities
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=242597
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=265904
    ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 4.10 (Warty Warthog)

    The following packages are affected:

    sharutils

    The problem can be corrected by upgrading the affected package to
    version 1:4.2.1-10ubuntu0.1. In general, a standard system upgrade is
    sufficient to effect the necessary changes.

    Details follow:

    Shaun Colley discovered a buffer overflow in "shar" that was triggered
    by output files (specified with -o) with names longer than 49
    characters. This could be exploited to run arbitrary
    attacker-specified code on systems that automatically process uploaded files
    with shar.

    Ulf Harnhammar discovered that shar does not check the data length
    returned by the 'wc' command. However, it is believed that this cannot
    actually be exploited on real systems.

      Source archives:

        http://security.ubuntu.com/ubuntu/pool/main/s/sharutils/sharutils_4.2.1-10ubuntu0.1.diff.gz
          Size/MD5: 7692 7d0ac5f9d30e814f3bb8a920a384efd0
        http://security.ubuntu.com/ubuntu/pool/main/s/sharutils/sharutils_4.2.1-10ubuntu0.1.dsc
          Size/MD5: 634 400f8c2b587de06d80b961f416069c40
        http://security.ubuntu.com/ubuntu/pool/main/s/sharutils/sharutils_4.2.1.orig.tar.gz
          Size/MD5: 306022 b8ba1d409f07edcb335ff72a27bd9828

      Architecture independent packages:

        http://security.ubuntu.com/ubuntu/pool/main/s/sharutils/sharutils-doc_4.2.1-10ubuntu0.1_all.deb
          Size/MD5: 27834 f95e85a0a3bc6b8998161e4ae0e19020

      amd64 architecture (Athlon64, Opteron, EM64T Xeon)

        http://security.ubuntu.com/ubuntu/pool/main/s/sharutils/sharutils_4.2.1-10ubuntu0.1_amd64.deb
          Size/MD5: 113868 20cc7d70f9c93d46772bd8a2eaceaa80

      i386 architecture (x86 compatible Intel/AMD)

        http://security.ubuntu.com/ubuntu/pool/main/s/sharutils/sharutils_4.2.1-10ubuntu0.1_i386.deb
          Size/MD5: 110696 c96e763f35d05965f189cf97b9d7a323

      powerpc architecture (Apple Macintosh G3/G4/G5)

        http://security.ubuntu.com/ubuntu/pool/main/s/sharutils/sharutils_4.2.1-10ubuntu0.1_powerpc.deb
          Size/MD5: 112594 d458759940e4a6396622b3da7866ef84
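
The bug class behind the -o overflow described above, as an added example that is not sharutils source or the Ubuntu patch: an unchecked copy of a command-line name into a fixed buffer, beside a length-checked form. The 50-byte buffer is inferred from the advisory's 49-character threshold; the function names and the ".NN" part-file suffix are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Assumption: "longer than 49 characters" implies a 50-byte buffer
   (49 characters plus the terminating NUL). Not sharutils source. */
#define OUT_NAME_MAX 50

/* Unchecked pattern, for contrast only: nothing bounds the copy, so an
   argument of 50 or more characters writes past the end of dst. */
void set_output_name_unchecked(char *dst, const char *arg)
{
    strcpy(dst, arg);
}

/* Checked form: returns 0 on success, -1 if arg is missing, empty or
   does not fit in dst including its NUL. It rejects rather than
   truncates, so two long names cannot collapse into one output file. */
int set_output_name(char *dst, size_t dst_size, const char *arg)
{
    size_t len;
    if (dst == NULL || dst_size == 0 || arg == NULL)
        return -1;
    len = strlen(arg);
    if (len == 0 || len >= dst_size)
        return -1;
    memcpy(dst, arg, len + 1);
    return 0;
}

/* Derived names need the same check: snprintf returns the length it
   wanted to write, which exposes truncation. The ".NN" suffix is a
   hypothetical part-file naming scheme. */
int build_part_name(char *dst, size_t dst_size, const char *base, int part)
{
    int n = snprintf(dst, dst_size, "%s.%02d", base, part);
    return (n < 0 || (size_t)n >= dst_size) ? -1 : 0;
}

int main(void)
{
    char name[OUT_NAME_MAX], part[OUT_NAME_MAX + 4];

    /* "upload-archive" is a constructed sample argument */
    if (set_output_name(name, sizeof name, "upload-archive") != 0 ||
        build_part_name(part, sizeof part, name, 1) != 0)
        return 1;
    puts(part);
    return 0;
}
```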

    
    


