CVE-2004-0234 - Vulnerability Details

Description

Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.

Published: 2004-05-05

Score: 10.0 Critical

EPSS: 8.5% Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:clearswift:mailsweeper:4.0:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.1:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.2:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.3:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.3.3:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.3.4:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.3.5:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.3.6:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.3.7:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.3.8:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.3.10:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.3.11:::::::*
	cpe:2.3:a:clearswift:mailsweeper:4.3.13:::::::*
	cpe:2.3:a:f-secure:f-secure_anti-virus:4.51::linux_gateways:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:4.51::linux_servers:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:4.51::linux_workstations:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:4.52::linux_gateways:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:4.52::linux_servers:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:4.52::linux_workstations:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:4.60::samba_servers:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:5.5::client_security:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:5.41::mimesweeper:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:5.41::windows_servers:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:5.41::workstations:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:5.42::mimesweeper:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:5.42::windows_servers:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:5.42::workstations:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:5.52::client_security:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:6.21::ms_exchange:::::
	cpe:2.3:a:f-secure:f-secure_anti-virus:2003:::::::*
	cpe:2.3:a:f-secure:f-secure_anti-virus:2004:::::::*
	cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:::::::*
	cpe:2.3:a:f-secure:f-secure_internet_security:2003:::::::*
	cpe:2.3:a:f-secure:f-secure_internet_security:2004:::::::*
	cpe:2.3:a:f-secure:f-secure_personal_express:4.5:::::::*
	cpe:2.3:a:f-secure:f-secure_personal_express:4.6:::::::*
	cpe:2.3:a:f-secure:f-secure_personal_express:4.7:::::::*
	cpe:2.3:a:f-secure:internet_gatekeeper:6.31:::::::*
	cpe:2.3:a:f-secure:internet_gatekeeper:6.32:::::::*
	cpe:2.3:a:rarlab:winrar:3.20:::::::*
	cpe:2.3:a:redhat:lha:1.14i-9::i386:::::
	cpe:2.3:a:sgi:propack:2.4:::::::*
	cpe:2.3:a:sgi:propack:3.0:::::::*
	cpe:2.3:a:stalker:cgpmcafee:3.2:::::::*
	cpe:2.3:a:tsugio_okamoto:lha:1.14:::::::*
	cpe:2.3:a:tsugio_okamoto:lha:1.15:::::::*
	cpe:2.3:a:tsugio_okamoto:lha:1.17:::::::*
	cpe:2.3:a:winzip:winzip:9.0:::::::*

Configuration 2 [-]

cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 3
lha-0:1.14i-10.2	cpe:/o:redhat:enterprise_linux:3	RHSA-2004:178	2004-05-26T00:00:00Z
Red Hat Linux 9
	cpe:/o:redhat:linux:9	RHSA-2004:179	2004-04-30T00:00:00Z

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2004-0234	Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.08482.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html
http://marc.info/?l=bugtraq&m=108422737918885&w=2
http://secunia.com/advisories/19514
http://security.gentoo.org/glsa/glsa-200405-02.xml
http://securitytracker.com/id?1015866
http://www.debian.org/security/2004/dsa-515
http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt
http://www.osvdb.org/5753
http://www.osvdb.org/5754
http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html
http://www.redhat.com/support/errata/RHSA-2004-178.html
http://www.redhat.com/support/errata/RHSA-2004-179.html
http://www.securityfocus.com/bid/10243
http://www.vupen.com/english/advisories/2006/1220
https://bugzilla.fedora.us/show_bug.cgi?id=1833
https://exchange.xforce.ibmcloud.com/vulnerabilities/16012
https://nvd.nist.gov/vuln/detail/CVE-2004-0234
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881
https://www.cve.org/CVERecord?id=CVE-2004-0234

History

No history.

Subscriptions

Clearswift Mailsweeper

F-secure F-secure Anti-virus F-secure For Firewalls F-secure Internet Security F-secure Personal Express Internet Gatekeeper

Rarlab Winrar

Redhat Enterprise Linux Fedora Core Lha Linux

Sgi Propack

Stalker Cgpmcafee

Tsugio Okamoto Lha

Winzip Winzip

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-05-05T04:00:00.000Z

Updated: 2024-08-08T00:10:03.930Z

Reserved: 2004-03-17T00:00:00.000Z

Link: CVE-2004-0234

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2004-08-18T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2004-0234

Redhat

Severity : Important

Publid Date: 2004-05-01T00:00:00Z

Links: CVE-2004-0234 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-119

Tracking

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object