exploit the possibilities
Showing 1 - 7 of 7 RSS Feed

CVE-2011-1778

Status Candidate

Overview

Buffer overflow in libarchive through 2.8.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TAR archive.

Related Files

Gentoo Linux Security Advisory 201406-02
Posted Jun 1, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-2 - Multiple vulnerabilities have been found in libarchive, some of which may allow execution of arbitrary code. Versions less than 3.1.2-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-4666, CVE-2011-1777, CVE-2011-1778, CVE-2011-1779, CVE-2013-0211
MD5 | cca376a6e6365784644066ac7f0041ee
Apple Security Advisory 2012-05-09-1
Posted May 10, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-0241, CVE-2011-1004, CVE-2011-1005, CVE-2011-1167, CVE-2011-1777, CVE-2011-1778, CVE-2011-1944, CVE-2011-2692, CVE-2011-2821, CVE-2011-2834, CVE-2011-2895, CVE-2011-3212, CVE-2011-3328, CVE-2011-3389, CVE-2011-3919, CVE-2011-4566, CVE-2011-4815, CVE-2011-4885, CVE-2012-0036, CVE-2012-0642, CVE-2012-0649, CVE-2012-0651, CVE-2012-0652, CVE-2012-0654, CVE-2012-0655, CVE-2012-0656, CVE-2012-0657, CVE-2012-0658
MD5 | 9614673327dc336467f1b3577177a46e
Debian Security Advisory 2413-1
Posted Feb 21, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2413-1 - Two buffer overflows have been discovered in libarchive, a library providing a flexible interface for reading and writing archives in various formats. The possible buffer overflows while reading is9660 or tar streams allow remote attackers to execute arbitrary code depending on the application that makes use of this functionality.

tags | advisory, remote, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-1777, CVE-2011-1778
MD5 | 4e53fdefa0c2bafde7b3cae7a95f6f18
Ubuntu Security Notice USN-1310-1
Posted Dec 19, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1310-1 - It was discovered that libarchive incorrectly handled certain ISO 9660 image files. If a user were tricked into using a specially crafted ISO 9660 image file, a remote attacker could cause libarchive to crash or possibly execute arbitrary code with user privileges. It was discovered that libarchive incorrectly handled certain tar archive files. If a user were tricked into using a specially crafted tar file, a remote attacker could cause libarchive to crash or possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1777, CVE-2011-1778
MD5 | a22d10cf1d362c25b9152001c45cd4ed
Mandriva Linux Security Advisory 2011-191
Posted Dec 19, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-191 - A heap-based buffer overflow flaw was discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct these issues.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-1778
MD5 | 2eb36c4870828994c475811685cc9cf6
Mandriva Linux Security Advisory 2011-190
Posted Dec 19, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-190 - Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct these issues.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-1777, CVE-2011-1778
MD5 | bd022b2845d4524520eae37b33534073
Red Hat Security Advisory 2011-1507-01
Posted Dec 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1507-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar and cpio. It can also read ISO 9660 CD-ROM images. Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-1777, CVE-2011-1778
MD5 | 143b69d86cd662804abf439411c672b3
Page 1 of 1
Back1Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    4 Files
  • 21
    Oct 21st
    5 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close