sharutils: Buffer overflows in shar.c and unshar.c — GLSA 200410-01

sharutils contains two buffer overflow vulnerabilities that could lead to arbitrary code execution.

Affected Packages

app-arch/sharutils on all architectures
Affected versions <= 4.2.1-r9
Unaffected versions >= 4.2.1-r10

Background

sharutils contains utilities to manage shell archives.

Description

sharutils contains two buffer overflows. Ulf Harnhammar discovered a buffer overflow in shar.c, where the length of data returned by the wc command is not checked. Florian Schilhabel discovered another buffer overflow in unshar.c.

Impact

An attacker could exploit these vulnerabilities to execute arbitrary code as the user running one of the sharutils programs.

Workaround

There is no known workaround at this time.

Resolution

All sharutils users should upgrade to the latest version:

 # emerge sync
 
 # emerge -pv ">=app-arch/sharutils-4.2.1-r10"
 # emerge ">=app-arch/sharutils-4.2.1-r10"

References

Release Date
October 01, 2004

Latest Revision
May 22, 2006: 02

Severity
normal

Exploitable
remote

Bugzilla entries