exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2011-1778

Status Candidate

Overview

Buffer overflow in libarchive through 2.8.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TAR archive.

Related Files

Gentoo Linux Security Advisory 201406-02
Posted Jun 1, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-2 - Multiple vulnerabilities have been found in libarchive, some of which may allow execution of arbitrary code. Versions less than 3.1.2-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-4666, CVE-2011-1777, CVE-2011-1778, CVE-2011-1779, CVE-2013-0211
SHA-256 | 8d94b42c2e88e2def04de8980835f3f789d2bfc75f7a67fc2a764459cd915f31
Apple Security Advisory 2012-05-09-1
Posted May 10, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-0241, CVE-2011-1004, CVE-2011-1005, CVE-2011-1167, CVE-2011-1777, CVE-2011-1778, CVE-2011-1944, CVE-2011-2692, CVE-2011-2821, CVE-2011-2834, CVE-2011-2895, CVE-2011-3212, CVE-2011-3328, CVE-2011-3389, CVE-2011-3919, CVE-2011-4566, CVE-2011-4815, CVE-2011-4885, CVE-2012-0036, CVE-2012-0642, CVE-2012-0649, CVE-2012-0651, CVE-2012-0652, CVE-2012-0654, CVE-2012-0655, CVE-2012-0656, CVE-2012-0657, CVE-2012-0658
SHA-256 | 8a1ec648cdab00dde0f7ff37efd462d6ad93a16f2b5d89ca92fb566b939516e3
Debian Security Advisory 2413-1
Posted Feb 21, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2413-1 - Two buffer overflows have been discovered in libarchive, a library providing a flexible interface for reading and writing archives in various formats. The possible buffer overflows while reading is9660 or tar streams allow remote attackers to execute arbitrary code depending on the application that makes use of this functionality.

tags | advisory, remote, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-1777, CVE-2011-1778
SHA-256 | dfe56269bdcc82503efeaf8ddeadc4f40bc5819f3f36275f831912f7ee7f4f2d
Ubuntu Security Notice USN-1310-1
Posted Dec 19, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1310-1 - It was discovered that libarchive incorrectly handled certain ISO 9660 image files. If a user were tricked into using a specially crafted ISO 9660 image file, a remote attacker could cause libarchive to crash or possibly execute arbitrary code with user privileges. It was discovered that libarchive incorrectly handled certain tar archive files. If a user were tricked into using a specially crafted tar file, a remote attacker could cause libarchive to crash or possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1777, CVE-2011-1778
SHA-256 | bdea7bcb5147618f5647a759a8be6b8260b133e417d0c660c11e3f8aef62f6ff
Mandriva Linux Security Advisory 2011-191
Posted Dec 19, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-191 - A heap-based buffer overflow flaw was discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct these issues.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-1778
SHA-256 | 05dca28376bee3ecaa55fc46d066d8da84282221b9756c854a8ed1f09619d503
Mandriva Linux Security Advisory 2011-190
Posted Dec 19, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-190 - Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct these issues.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-1777, CVE-2011-1778
SHA-256 | a7a2d6dcde530878a690f207cdebdc142e5c05f52a50d1abc8a8f87417506924
Red Hat Security Advisory 2011-1507-01
Posted Dec 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1507-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar and cpio. It can also read ISO 9660 CD-ROM images. Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-1777, CVE-2011-1778
SHA-256 | dab0d35c9eae33915787aa3a999f7c73ee701a7fc540df7300f27a9d8a19a434
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close