What Are You Looking For?

Sign Up

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4167-1                   security@debian.org
https://www.debian.org/security/                            Luciano Bello
April 05, 2018                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : sharutils
CVE ID         : CVE-2018-1000097
Debian Bug     : 893525

A buffer-overflow vulnerability was discovered in Sharutils, a set of
utilities handle Shell Archives. An attacker with control on the input of
the unshar command, could crash the application or execute arbitrary code
in the its context.

For the oldstable distribution (jessie), this problem has been fixed
in version 4.14-2+deb8u1.

For the stable distribution (stretch), this problem has been fixed in
version 1:4.15.2-2+deb9u1.

We recommend that you upgrade your sharutils packages.

For the detailed security status of sharutils please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/sharutils

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

Debian: DSA-4167-1: sharutils security update

April 5, 2018
A buffer-overflow vulnerability was discovered in Sharutils, a set of utilities handle Shell Archives

Summary

For the oldstable distribution (jessie), this problem has been fixed
in version 4.14-2+deb8u1.

For the stable distribution (stretch), this problem has been fixed in
version 1:4.15.2-2+deb9u1.

We recommend that you upgrade your sharutils packages.

For the detailed security status of sharutils please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/sharutils

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

Severity
A buffer-overflow vulnerability was discovered in Sharutils, a set of
utilities handle Shell Archives. An attacker with control on the input of
the unshar command, could crash the application or execute arbitrary code
in the its context.

Related News

From Heartbleed to Now: Evolving Threats in OpenSSL and How to Guard Against Them

Nov 17, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Nov 25, 2023

Severe Chromium Bug Threatens Sensitive Data, System Availability

Nov 13, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo