Multiple LHA Buffer Overflow/Directory Traversal Vulnerabilities

Bugtraq ID: 10243
Class: Unknown
CVE: CVE-2004-0234
CVE-2004-0235
CVE-2005-0644
CVE-2005-0643
Remote: Yes
Local: No
Published: Apr 30 2004 12:00AM
Updated: Jul 12 2009 04:07AM
Credit: Discovery of these vulnerabilities has been credited to Ulf Harnhammar.
Vulnerable: WinZip WinZip 9.0
Stalker CGPMcAfee 3.2
+ McAfee Antivirus Engine 4.3.20
SGI ProPack 3.0
SGI ProPack 2.4
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
RedHat lha-1.14i-9.i386.rpm
+ RedHat Linux 9.0 i386
Red Hat Fedora Core1
RARLAB WinRar 3.20
Mr. S.K. LHA 1.17
Mr. S.K. LHA 1.15
Mr. S.K. LHA 1.14
McAfee WebShield SMTP 4.5
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
McAfee Webshield Appliances
McAfee VirusScan Professional
McAfee VirusScan for NetApp
McAfee VirusScan Enterprise 8.0 i
McAfee VirusScan Command Line
McAfee VirusScan 9.0
McAfee VirusScan 8.0
McAfee VirusScan 7.1
McAfee VirusScan 7.0
McAfee VirusScan 6.0
McAfee VirusScan 5.0
McAfee VirusScan 4.5.1
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95 SR2
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home SP1
- Microsoft Windows XP Home
- Microsoft Windows XP Professional SP1
- Microsoft Windows XP Professional
McAfee VirusScan 4.5
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
McAfee VirusScan 4.0.3
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
McAfee VirusScan 4.0
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
McAfee VirusScan 3.0
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
McAfee VirusScan 2.0
McAfee VirusScan 1.0
McAfee Virex
McAfee SecurityShield for Microsoft ISA Server
McAfee PortalShield for Microsoft SharePoint
McAfee NetShield for Netware
McAfee Managed VirusScan
McAfee LinuxShield
McAfee Internet Security Suite
McAfee GroupShield for Mail Servers with ePO
McAfee GroupShield for Lotus Domino
McAfee GroupShield for Exchange 5.5
McAfee ASaP VirusScan 0
McAfee Active Virus Defense SMB Edition
McAfee Active Threat Protection
McAfee Active Mail Protection
F-Secure Personal Express 4.7
F-Secure Personal Express 4.6
F-Secure Personal Express 4.5
F-Secure Internet Security 2004
F-Secure Internet Security 2003
F-Secure Internet Gatekeeper 6.32
F-Secure Internet Gatekeeper 6.31
F-Secure F-Secure for Firewalls 6.20
F-Secure Anti-Virus for Workstations 5.42
F-Secure Anti-Virus for Workstations 5.41
F-Secure Anti-Virus for Windows Servers 5.42
F-Secure Anti-Virus for Windows Servers 5.41
F-Secure Anti-Virus for Samba Servers 4.60
F-Secure Anti-Virus for MS Exchange 6.21
F-Secure Anti-Virus for MIMEsweeper 5.42
F-Secure Anti-Virus for MIMEsweeper 5.41
F-Secure Anti-Virus for Linux Workstations 4.52
F-Secure Anti-Virus for Linux Workstations 4.51
F-Secure Anti-Virus for Linux Servers 4.52
F-Secure Anti-Virus for Linux Servers 4.51
F-Secure Anti-Virus for Linux Gateways 4.52
F-Secure Anti-Virus for Linux Gateways 4.51
F-Secure Anti-Virus Client Security 5.52
F-Secure Anti-Virus Client Security 5.50
F-Secure Anti-Virus 2004
F-Secure Anti-Virus 2003
Clearswift MailSweeper 4.3.13
Clearswift MailSweeper 4.3.11
Clearswift MailSweeper 4.3.10
Clearswift MailSweeper 4.3.8
Clearswift MailSweeper 4.3.7
Clearswift MailSweeper 4.3.6 SP1
Clearswift MailSweeper 4.3.6
Clearswift MailSweeper 4.3.5
Clearswift MailSweeper 4.3.4
Clearswift MailSweeper 4.3.3
Clearswift MailSweeper 4.3
- Microsoft Windows 2000 Advanced Server SP3
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Server SP3
- Microsoft Windows 2000 Server SP2
Clearswift MailSweeper 4.2
Clearswift MailSweeper 4.1
Clearswift MailSweeper 4.0
Barracuda Networks Barracuda Spam Firewall 3.1.18 firmware
Barracuda Networks Barracuda Spam Firewall 3.1.17 firmware
Not Vulnerable: Barracuda Networks Barracuda Spam Firewall 3.3.03.022 firmware


 

Privacy Statement
Copyright 2010, SecurityFocus