TITLE:
avast! LHA Archive Processing Buffer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA21794
VERIFY ADVISORY:
http://secunia.c
om/advisories/21794/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
avast! Home/Professional 4.x
http://secunia.com/p
roduct/5162/
avast! Server Edition 4.x
http://secunia.com/
product/11895/
DESCRIPTION:
A vulnerability in avast!, which can be exploited by
malicious
people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the
anti-virus
engine when processing LHA archives. This can be exploited
to
cause a
heap-based buffer overflow via a specially crafted LHA
archive
with
overly long filename and directory name extended-header
fields.
Successful exploitation allows execution of arbitrary code.
The vulnerability is reported in the anti-virus engine prior
to
versions 4.7.869 for desktops and 4.7.660 for servers.
SOLUTION:
Update to a fixed version.
ORIGINAL ADVISORY:
http://www.hustlelabs.com/advisories/04072006_alwil.pdf
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|