CVE-2004-0234
NONE EPSS 95.1%
Published Aug 18, 200421y ago · Modified Jun 16, 20262w ago
Published Aug 18, 2004 21y ago
Last Modified Jun 16, 2026 2w ago
Description
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
Threat Intelligence
EPSS Exploit Probability
95.1% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
Affected Products 50
| Vendor | Product | Version | Range |
|---|---|---|---|
| clearswift | mailsweeper | 4.0 | any |
| clearswift | mailsweeper | 4.1 | any |
| clearswift | mailsweeper | 4.2 | any |
| clearswift | mailsweeper | 4.3 | any |
| clearswift | mailsweeper | 4.3.3 | any |
| clearswift | mailsweeper | 4.3.4 | any |
| clearswift | mailsweeper | 4.3.5 | any |
| clearswift | mailsweeper | 4.3.6 | any |
| clearswift | mailsweeper | 4.3.6_sp1 | any |
| clearswift | mailsweeper | 4.3.7 | any |
| clearswift | mailsweeper | 4.3.8 | any |
| clearswift | mailsweeper | 4.3.10 | any |
| clearswift | mailsweeper | 4.3.11 | any |
| clearswift | mailsweeper | 4.3.13 | any |
| f-secure | f-secure_anti-virus | 4.51 | any |
| f-secure | f-secure_anti-virus | 4.51 | any |
| f-secure | f-secure_anti-virus | 4.51 | any |
| f-secure | f-secure_anti-virus | 4.52 | any |
| f-secure | f-secure_anti-virus | 4.52 | any |
| f-secure | f-secure_anti-virus | 4.52 | any |
| f-secure | f-secure_anti-virus | 4.60 | any |
| f-secure | f-secure_anti-virus | 5.5 | any |
| f-secure | f-secure_anti-virus | 5.41 | any |
| f-secure | f-secure_anti-virus | 5.41 | any |
| f-secure | f-secure_anti-virus | 5.41 | any |
| f-secure | f-secure_anti-virus | 5.42 | any |
| f-secure | f-secure_anti-virus | 5.42 | any |
| f-secure | f-secure_anti-virus | 5.42 | any |
| f-secure | f-secure_anti-virus | 5.52 | any |
| f-secure | f-secure_anti-virus | 6.21 | any |
| f-secure | f-secure_anti-virus | 2003 | any |
| f-secure | f-secure_anti-virus | 2004 | any |
| f-secure | f-secure_for_firewalls | 6.20 | any |
| f-secure | f-secure_internet_security | 2003 | any |
| f-secure | f-secure_internet_security | 2004 | any |
| f-secure | f-secure_personal_express | 4.5 | any |
| f-secure | f-secure_personal_express | 4.6 | any |
| f-secure | f-secure_personal_express | 4.7 | any |
| f-secure | internet_gatekeeper | 6.31 | any |
| f-secure | internet_gatekeeper | 6.32 | any |
| rarlab | winrar | 3.20 | any |
| redhat | lha | 1.14i-9 | any |
| sgi | propack | 2.4 | any |
| sgi | propack | 3.0 | any |
| stalker | cgpmcafee | 3.2 | any |
| tsugio_okamoto | lha | 1.14 | any |
| tsugio_okamoto | lha | 1.15 | any |
| tsugio_okamoto | lha | 1.17 | any |
| winzip | winzip | 9.0 | any |
| redhat | fedora_core | core_1.0 | any |
References 21
- archives.neohapsis.com http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html
- distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840
- lists.grok.org.uk http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html
- lists.grok.org.uk http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html
- marc.info http://marc.info/?l=bugtraq&m=108422737918885&w=2
- secunia.com http://secunia.com/advisories/19514
- security.gentoo.org http://security.gentoo.org/glsa/glsa-200405-02.xml
- securitytracker.com http://securitytracker.com/id?1015866
- debian.org http://www.debian.org/security/2004/dsa-515
- guay-leroux.com http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt
- osvdb.org http://www.osvdb.org/5753
- osvdb.org http://www.osvdb.org/5754
- redhat.com http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-178.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-179.html
- securityfocus.com http://www.securityfocus.com/bid/10243
- vupen.com http://www.vupen.com/english/advisories/2006/1220
- bugzilla.fedora.us https://bugzilla.fedora.us/show_bug.cgi?id=1833
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/16012
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881
Remediation
- securityfocus.com http://www.securityfocus.com/bid/10243