JVNDB-2008-000022

Lhaplus buffer overflow vulnerability

Overview

Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. If a user decompresses a specially crafted file, an attacker could execute arbitrary code with the privilege of the user. This vulnerability is different from JVN#82610488 and JVN#70734805.

Yuji Ukai of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.

CVSS Severity

Base Metrics: 6.8 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial

Affected Products

Schezo
  • Lhaplus Version 1.56 and earlier

Impact

An attacker could execute arbitrary code with the privilege of the user who decompressed the file.

Solution

[Update the Software]
Update to the latest version according to the information provided by the vendor.
For more information, refer to the vendor's website.

Vendor Information

Schezo

CWE

  1. Buffer Errors (CWE-119) [NVD Evaluation]

CVE

  1. CVE-2008-2021

References

  1. JVN : JVN#74468481
  2. National Vulnerability Database (NVD) : CVE-2008-2021
  3. IPA SECURITY ALERTS : Security Alert for Lhaplus Vulnerability
  4. Secunia Advisory : SA29972
  5. SecurityFocus : 28953
  6. ISS X-Force Database : 42032
  7. FrSIRT Advisories : FrSIRT/ADV-2008-1369

Revision History

[2008/05/21]
  Web page published