Info

Disclosure

Jul 31, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A local overflow exists in Lhaplus. Lhaplus fails to handle specialy crafted LZH files resulting in a heap overflow. With a specially crafted LZH file containing an "extended header size" in the file header set to 256 or more, an attacker can execute arbitrary commands resulting in a loss of integrity and/or availability.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Unknown

Solution

Upgrade to version 1.53 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Schezo

Lhaplus

1.52

References

Security Tracker: 1016615
Bugtraq ID: 19263
CVE ID: 2006-4033 (see also: NVD)
Secunia Advisory ID: 21256
ISS X-Force ID: 28102
VUPEN Advisory: ADV-2006-3076
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0769.html
Other Advisory URL: http://vuln.sg/lhaplus152-en.html
Vendor URL: http://www7a.biglobe.ne.jp/~schezo/

Credit

Tan Chew Keong - chewkeongvuln.sg - Vuln.sg

Direct URL: http://osvdb.org/27667