Mandrake Linux Security Advisory : sharutils (MDKSA-2005:067)

high Nessus Plugin ID 18002

Synopsis

The remote Mandrake Linux host is missing a security update.

Description

Shaun Colley discovered a buffer overflow in shar that was triggered by output files (using -o) with names longer than 49 characters which could be exploited to run arbitrary attacker-specified code.

Ulf Harnhammar discovered that shar does not check the data length returned by the wc command.

Joey Hess discovered that unshar would create temporary files in an insecure manner which could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user using unshar.

The updated packages have been patched to correct these issues.

Solution

Update the affected sharutils package.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=302412

Plugin Details

Severity: High

ID: 18002

File Name: mandrake_MDKSA-2005-067.nasl

Version: 1.19

Type: local

Published: 4/8/2005

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:sharutils, cpe:/o:mandrakesoft:mandrake_linux:10.0, cpe:/o:mandrakesoft:mandrake_linux:10.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 4/7/2005

Reference Information

CVE: CVE-2004-1772, CVE-2004-1773, CVE-2005-0990

MDKSA: 2005:067