rhsa-2005:007
Vulnerability from csaf_redhat
Published
2005-01-12 18:38
Modified
2024-11-21 23:18
Summary
Red Hat Security Advisory: unarj security update
Notes
Topic
An updated unarj package that fixes a buffer overflow vulnerability and a
directory traversal vulnerability is now available.
Details
The unarj program is an archiving utility which can extract ARJ-compatible
archives.
A buffer overflow bug was discovered in unarj when handling long file
names contained in an archive. An attacker could create a specially
crafted archive which could cause unarj to crash or possibly execute
arbitrary code when extracted by a victim. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0947 to
this issue.
Additionally, a path traversal vulnerability was discovered in unarj. An
attacker could create a specially crafted archive which would create files
in the parent ("..") directory when extracted by a victim. When used
recursively, this vulnerability could be used to overwrite critical system
files and programs. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-1027 to this issue.
Users of unarj should upgrade to this updated package which contains
backported patches and is not vulnerable to these issues.
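Both issues above come down to what an extractor does with an attacker-controlled entry name before it touches the filesystem. The following is an added, hypothetical extraction-side check written for this advisory (it is not unarj's code and the 255-character limit is an assumed buffer size, not unarj's): it bounds the name length before it is ever copied into a fixed buffer, and refuses absolute paths and any ".." component so an entry cannot be written into the parent directory.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Assumed fixed-size name buffer; a long entry name must be rejected
 * before it is copied anywhere, not truncated or overflowed. */
#define NAME_MAX_LEN 255

/* Return true only if `name` is a bounded, relative path whose components
 * never include "." or "..", so extraction stays inside the target dir. */
bool safe_entry_name(const char *name, size_t max_len)
{
    size_t len;
    const char *p, *seg;

    if (name == NULL)
        return false;
    /* Length check first: never scan past max_len + 1 bytes. */
    for (len = 0; len <= max_len && name[len] != '\0'; len++)
        ;
    if (len == 0 || len > max_len)
        return false;
    /* Absolute paths and backslash separators are refused outright. */
    if (name[0] == '/' || strchr(name, '\\') != NULL)
        return false;
    /* Walk '/'-separated components; "." and ".." (and empty middle
     * components such as "a//b") are refused. A trailing '/' is allowed
     * so directory entries like "dir/" still pass. */
    seg = name;
    for (p = name;; p++) {
        if (*p == '/' || *p == '\0') {
            size_t seglen = (size_t)(p - seg);
            if (seglen == 0 && *p == '/')
                return false;
            if (seglen == 1 && seg[0] == '.')
                return false;
            if (seglen == 2 && seg[0] == '.' && seg[1] == '.')
                return false;
            if (*p == '\0')
                break;
            seg = p + 1;
        }
    }
    return true;
}

/* Build "<dest_dir>/<name>" into a caller-supplied buffer; a name that
 * fails the check or a path that would be truncated is refused. */
bool build_target_path(char *out, size_t out_sz, const char *dest_dir, const char *name)
{
    int n;
    if (!safe_entry_name(name, NAME_MAX_LEN))
        return false;
    n = snprintf(out, out_sz, "%s/%s", dest_dir, name);
    return n > 0 && (size_t)n < out_sz;
}
```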
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CSAF record
Aggregate severity: Low (namespace https://access.redhat.com/security/updates/classification/)
Category: csaf_security_advisory; CSAF version 2.0; language: en
Distribution: Copyright © Red Hat, Inc. All rights reserved. TLP:WHITE (https://www.first.org/tlp/)
Notes: Topic, Details and Terms of Use as rendered above.
Publisher: Red Hat Product Security (vendor), https://www.redhat.com; contact details: https://access.redhat.com/security/team/contact/. Issuing authority: Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.
References
- self: https://access.redhat.com/errata/RHSA-2005:007
- external: https://access.redhat.com/security/updates/classification/#low
- external: 138462, https://bugzilla.redhat.com/show_bug.cgi?id=138462
- external: 138835, https://bugzilla.redhat.com/show_bug.cgi?id=138835
- self (Canonical URL): https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_007.json
Tracking
- ID: RHSA-2005:007; status: final; version: 3
- Initial release date: 2005-01-12T18:38:00+00:00; current release date: 2024-11-21T23:18:10+00:00
- Generator: Red Hat SDEngine 4.2.1, 2024-11-21T23:18:10+00:00
- Revision history: 1 (2005-01-12T18:38:00+00:00) Initial version; 2 (2005-01-12T00:00:00+00:00) Last updated version; 3 (2024-11-21T23:18:10+00:00) Last generated version
Product tree (vendor: Red Hat; product family: Red Hat Enterprise Linux)
- Red Hat Enterprise Linux AS (Advanced Server) version 2.1 (cpe:/o:redhat:enterprise_linux:2.1::as)
- Red Hat Linux Advanced Workstation 2.1 (cpe:/o:redhat:enterprise_linux:2.1::aw)
- Red Hat Enterprise Linux ES version 2.1 (cpe:/o:redhat:enterprise_linux:2.1::es)
- Red Hat Enterprise Linux WS version 2.1 (cpe:/o:redhat:enterprise_linux:2.1::ws)
Vulnerabilities
CVE-2004-0947 (Red Hat Bugzilla ID 1617328)
- Vulnerability description: Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.
- Vulnerability summary / title: security flaw
- Release date: 2004-11-09T00:00:00+00:00
- Impact: Low
- Product status: fixed in all four products listed above
- References: https://access.redhat.com/security/cve/CVE-2004-0947 (Canonical URL); RHBZ#1617328, https://bugzilla.redhat.com/show_bug.cgi?id=1617328; https://www.cve.org/CVERecord?id=CVE-2004-0947; https://nvd.nist.gov/vuln/detail/CVE-2004-0947
CVE-2004-1027 (Red Hat Bugzilla ID 1617356)
- Vulnerability description: Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.
- Vulnerability summary / title: security flaw
- Release date: 2004-11-09T00:00:00+00:00
- Impact: Low
- Product status: fixed in all four products listed above
- References: https://access.redhat.com/security/cve/CVE-2004-1027 (Canonical URL); RHBZ#1617356, https://bugzilla.redhat.com/show_bug.cgi?id=1617356; https://www.cve.org/CVERecord?id=CVE-2004-1027; https://nvd.nist.gov/vuln/detail/CVE-2004-1027
Remediation (vendor fix, dated 2005-01-12T18:38:00+00:00, restart required: none, https://access.redhat.com/errata/RHSA-2005:007), applying to both CVEs and all four products:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

 up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

 http://www.redhat.com/docs/manuals/enterprise/