exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2016-1541

Status Candidate

Overview

Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.

Related Files

Gentoo Linux Security Advisory 201701-03
Posted Jan 2, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-3 - Multiple vulnerabilities have been found in libarchive, the worst of which allows for the remote execution of arbitrary code. Versions less than 3.2.2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-2304, CVE-2015-8915, CVE-2015-8916, CVE-2015-8917, CVE-2015-8918, CVE-2015-8919, CVE-2015-8920, CVE-2015-8921, CVE-2015-8922, CVE-2015-8923, CVE-2015-8924, CVE-2015-8925, CVE-2015-8926, CVE-2015-8927, CVE-2015-8928, CVE-2015-8929, CVE-2015-8930, CVE-2015-8931, CVE-2015-8932, CVE-2015-8933, CVE-2015-8934, CVE-2016-1541, CVE-2016-4300, CVE-2016-4301, CVE-2016-4302, CVE-2016-4809, CVE-2016-5418, CVE-2016-5844
SHA-256 | 6e383d806a0d0bc5f7390454433a074fd47878257ac7fa6b5489c1564f435929
Download | Favorite | View
Red Hat Security Advisory 2016-1844-01
Posted Sep 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1844-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix: A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive.

tags | advisory, arbitrary, python
systems | linux, redhat
advisories | CVE-2015-8916, CVE-2015-8917, CVE-2015-8919, CVE-2015-8920, CVE-2015-8921, CVE-2015-8922, CVE-2015-8923, CVE-2015-8924, CVE-2015-8925, CVE-2015-8926, CVE-2015-8928, CVE-2015-8930, CVE-2015-8931, CVE-2015-8932, CVE-2015-8934, CVE-2016-1541, CVE-2016-4300, CVE-2016-4302, CVE-2016-4809, CVE-2016-5418, CVE-2016-5844, CVE-2016-6250, CVE-2016-7166
SHA-256 | ecc02ac8c19e821e663da1602fbb4cbf585f0740fa7472a450e18bdab7e321d2
Download | Favorite | View
Slackware Security Advisory - libarchive Updates
Posted May 25, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libarchive packages are available for Slackware 14.1 and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-1541
SHA-256 | 8dcafe00750b08175eab4172d9b1dd6a10111253f455b4ecf54c3eee62f4cdbb
Download | Favorite | View
Ubuntu Security Notice USN-2981-1
Posted May 17, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2981-1 - It was discovered that libarchive incorrectly handled certain entry-size values in ZIP archives. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. It was discovered that libarchive incorrectly handled memory when processing certain tar files. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-1541
SHA-256 | cd28623f8a397ad606f6739d1d53e4c06507e985acd72d2147bc28e72c960e56
Download | Favorite | View
Debian Security Advisory 3574-1
Posted May 11, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3574-1 - Rock Stevens, Andrew Ruef and Marcin 'Icewall' Noga discovered a heap-based buffer overflow vulnerability in the zip_read_mac_metadata function in libarchive, a multi-format archive and compression library, which may lead to the execution of arbitrary code if a user or automated system is tricked into processing a specially crafted ZIP file.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-1541
SHA-256 | 5c7a63f165516bff86da6dfcf9cb9e9abd17ee133b43b69d6f316ed34e7ffb09
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

June 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    18 Files
  • 2
    Jun 2nd
    13 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    32 Files
  • 6
    Jun 6th
    39 Files
  • 7
    Jun 7th
    22 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close