RAR and UnRAR contain a buffer overflow allowing the execution of
arbitrary code.
Background
==========
RAR and UnRAR provide command line interfaces for compressing and
decompressing RAR files.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-arch/rar < 3.7.0_beta1 >= 3.7.0_beta1
2 app-arch/unrar < 3.7.3 >= 3.7.3
-------------------------------------------------------------------
2 affected packages on all of their supported architectures.
-------------------------------------------------------------------
Description
===========
RAR and UnRAR contain a boundary error when processing
password-protected archives that could result in a stack-based buffer
overflow.
Impact
======
A remote attacker could entice a user to process a specially crafted
password-protected archive and execute arbitrary code with the rights
of the user uncompressing the archive.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All UnRAR users should upgrade to the latest version:
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security (at) gentoo (dot) org [email concealed] or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
Gentoo Linux Security Advisory GLSA 200702-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: RAR, UnRAR: Buffer overflow
Date: February 13, 2007
Bugs: #166440
ID: 200702-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
RAR and UnRAR contain a buffer overflow allowing the execution of
arbitrary code.
Background
==========
RAR and UnRAR provide command line interfaces for compressing and
decompressing RAR files.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-arch/rar < 3.7.0_beta1 >= 3.7.0_beta1
2 app-arch/unrar < 3.7.3 >= 3.7.3
-------------------------------------------------------------------
2 affected packages on all of their supported architectures.
-------------------------------------------------------------------
Description
===========
RAR and UnRAR contain a boundary error when processing
password-protected archives that could result in a stack-based buffer
overflow.
Impact
======
A remote attacker could entice a user to process a specially crafted
password-protected archive and execute arbitrary code with the rights
of the user uncompressing the archive.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All UnRAR users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-arch/rar-3.7.3"
All RAR users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-arch/rar-3.7.0_beta1"
References
==========
[ 1 ] CVE-2007-0855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200702-04.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security (at) gentoo (dot) org [email concealed] or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBRdJI5DvRww8BFPxFAQJl6gf/RwPo1hC5XdK+cVCIdnczC0KxJJndr3CT
2pLD4I0iCbHSABUhiBfCIzoPPcW1lLPPkzg3DTIEi6tNKWFTqBg69zyvh3bcpGom
ghdkuz9+tQ0qH7uWvOpeYoVn+hyyr0StvcoOXb5hZThHkBLWmjJowvFPWwbpx4YE
Lfl7QzFP6NHBQF0V+QxdKCole+JeyGFn8BVi8bcjm2RDFeCfYj+U8pt8C1/7P3BM
S7/vi5VvLzTCieZPDSlYcF70z3dFo+mP4l063tGnmCR4SdiVVhHEzz2HKfOvKwYs
NbD7lGje7zTLEkxLO+lrYh9gE1+nN289WYnbe91POGOym3rTPVoq6g==
=mHR6
-----END PGP SIGNATURE-----
[ reply ]