Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2004-0235
Description:Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
Test IDs: 1.3.6.1.4.1.25623.1.0.52473   1.3.6.1.4.1.25623.1.0.50314   1.3.6.1.4.1.25623.1.0.51139   1.3.6.1.4.1.25623.1.0.53206  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2004-0235
BugTraq ID: 10243
http://www.securityfocus.com/bid/10243
Bugtraq: 20040510 [Ulf Harnhammar]: LHA Advisory + Patch (Google Search)
http://marc.info/?l=bugtraq&m=108422737918885&w=2
Conectiva Linux advisory: CLA-2004:840
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840
Debian Security Information: DSA-515 (Google Search)
http://www.debian.org/security/2004/dsa-515
http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html
https://bugzilla.fedora.us/show_bug.cgi?id=1833
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html
http://security.gentoo.org/glsa/glsa-200405-02.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978
RedHat Security Advisories: RHSA-2004:178
http://www.redhat.com/support/errata/RHSA-2004-178.html
RedHat Security Advisories: RHSA-2004:179
http://www.redhat.com/support/errata/RHSA-2004-179.html
XForce ISS Database: lha-directory-traversal(16013)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16013




© 1998-2024 E-Soft Inc. All rights reserved.