RAR, UnRAR: Buffer overflow — GLSA 200702-04

RAR and UnRAR contain a buffer overflow allowing the execution of arbitrary code.

Affected Packages

app-arch/rar on all architectures
Affected versions < 3.7.0_beta1
Unaffected versions >= 3.7.0_beta1
app-arch/unrar on all architectures
Affected versions < 3.7.3
Unaffected versions >= 3.7.3

Background

RAR and UnRAR provide command line interfaces for compressing and decompressing RAR files.

Description

RAR and UnRAR contain a boundary error when processing password-protected archives that could result in a stack-based buffer overflow.

Impact

A remote attacker could entice a user to process a specially crafted password-protected archive and execute arbitrary code with the rights of the user uncompressing the archive.

Workaround

There is no known workaround at this time.

Resolution

All UnRAR users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-arch/unrar-3.7.3"

All RAR users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-arch/rar-3.7.0_beta1"

References

Release Date
February 13, 2007

Latest Revision
February 14, 2007: 02

Severity
normal

Exploitable
remote

Bugzilla entries