Metaeye Security Group » 2007

Vendor: RARLABS (http://www.rarlabs.com)

Product: Unrar for linux (freeware).

Versions affected: All upto 3.70 beta 4

Severity: Moderate

Issue

The unrar for Linux results in crash due to processing of standard filters in RAR VM, while
processing a special crafted compressed RAR file. This happens only while extracting the
contents from the compressed file.

Impact

Any programs/softwares using the code from unrar for Linux from rarlabs for processing RAR files
are vulnerable.

PoC

http://www.metaeye.org/codes/corrupted.rar
The corrupted file has only one byte change from the original. At offset 0xE9, 80—>81.

References

1. Bugtraq BID 24866.

Status

Reported: 20/06/2007
Fixed in version 3.7 beta 5.

| by msg on July 11th, 2007 at 4:09 pm | permanent link |

Vendor: Clam AntiVirus (http://www.clamav.net)

Product: Clamav (libclamav)

Versions Affected: All before 0.91

Severity: Moderate

Issue

Clamav crashes due to processing of standard filters in RAR VM, while processing a
corrupted RAR file. Processing the corrupted file results in a null pointer deference.

Impact

Processing the corrupted file will result in crashing of clamscan application and
clamd daemon.

Fix

Upgrade to version 0.91.

PoC

http://www.metaeye.org/codes/corrupted.rar

Vendor Status

Reported: 25/06/2007
Fixed: 11/07/2007

References

1. Clamav bugzilla bug id 555.
2. Secunia advisory SA26038.
3. Bugtraq ID 24866.
4. CVE-2007-3725.

| by msg on July 11th, 2007 at 8:04 am | permanent link |


home advisories codes projects hunch archives contact rss2	[ Archive for July, 2007 ] • Unrar for Linux Denial Of Service vulnerability. Vendor: RARLABS (http://www.rarlabs.com) Product: Unrar for linux (freeware). Versions affected: All upto 3.70 beta 4 Severity: Moderate Issue The unrar for Linux results in crash due to processing of standard filters in RAR VM, while processing a special crafted compressed RAR file. This happens only while extracting the contents from the compressed file. Impact Any programs/softwares using the code from unrar for Linux from rarlabs for processing RAR files are vulnerable. PoC http://www.metaeye.org/codes/corrupted.rar The corrupted file has only one byte change from the original. At offset 0xE9, 80—>81. References 1. Bugtraq BID 24866. Status Reported: 20/06/2007 Fixed in version 3.7 beta 5. \| by msg on July 11th, 2007 at 4:09 pm \| permanent link \| • Clam AntiVirus RAR File Handling Denial Of Service Vulnerability. Vendor: Clam AntiVirus (http://www.clamav.net) Product: Clamav (libclamav) Versions Affected: All before 0.91 Severity: Moderate Issue Clamav crashes due to processing of standard filters in RAR VM, while processing a corrupted RAR file. Processing the corrupted file results in a null pointer deference. Impact Processing the corrupted file will result in crashing of clamscan application and clamd daemon. Fix Upgrade to version 0.91. PoC http://www.metaeye.org/codes/corrupted.rar Vendor Status Reported: 25/06/2007 Fixed: 11/07/2007 References 1. Clamav bugzilla bug id 555. 2. Secunia advisory SA26038. 3. Bugtraq ID 24866. 4. CVE-2007-3725. \| by msg on July 11th, 2007 at 8:04 am \| permanent link \|
[ © MSG ]

[ Archive for July, 2007 ]