Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Gentoo: GLSA-200611-24 Normal: LHa Remote Execution and DoS Threat

gentoo
Calendar Grey November 28, 2006
Dist Gentoo Esm H88
LHa within Gentoo was impacted by various security flaws that facilitate remote code execution and lead to Denial of Service.
LHa is affected by several vulnerabilities including the remote execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200611-24 https://security.gentoo.org/ Severity: Normal Title: LHa: Multiple vulnerabilities Date: November 28, 2006 Bugs: #151252 ID: 200611-24

Synopsis ======= LHa is affected by several vulnerabilities including the remote execution of arbitrary code.
Background ========= LHa is a console-based program for packing and unpacking LHarc archives.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-arch/lha < 114i-r6 >= 114i-r6
========== Tavis Ormandy of the Google Security Team discovered several vulnerabilities in the LZH decompression component used by LHa. The make_table function of unlzh.c contains an array index...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround