A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
The problem can be corrected by upgrading the affected package to
version 1:4.2.1-10ubuntu0.1. In general, a standard system upgrade is
sufficient to effect the necessary changes.
Shaun Colley discovered a buffer overflow in "shar" that was triggered
by output files (specified with -o) with names longer than 49
characters. This could be exploited to run arbitrary attacker
specified code on systems that automatically process uploaded files
Ulf Harnhammar discovered that shar does not check the data length
returned by the 'wc' command. However, it is believed that this cannot
actually be exploited on real systems.