brainslicer, posted 17 March 2008

SR08-100 Multiple vendors - Vulnerable handling of archive formats

A number of products that handle archive formats are vulnerable to specially crafted archives. At worst, code execution may be possible.

Published: 2008-03-17 15:58

Problem description

CVE reference: -

CERT-FI and CPNI have jointly published information about a series of vulnerabilities in the handling of various archive formats (such as bz2, rar and zip). The vulnerabilities affect a number of products of widely differing kinds. Vendor-specific information is available under the links below.

Affected versions: See below

More information and patches:
https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html
http://www.f-secure.com/security/fsc-2008-2.shtml

Details

Archive formats are typically used to perform one of the following functions:

(1) To hold one or more archived files. Most archive formats are also capable of storing folders in order to reconstruct the file/folder relationship when extracted.

(2) To compress one or more files and folders into a single file for backup or transport.

These formats, which include extensions such as ACE, ARJ, BZ2, CAB, GZ, LHA, RAR, TAR, ZIP and ZOO, are usually platform-independent and are supported by a variety of implementations, including many anti-virus products. It is for this reason that archive formats were chosen as the subject of further investigation as part of PROTOS GENOME. In this approach, a set of valid files is first collected, then a program is used to analyse the structure of these files, yielding a rough model of the underlying file format. This model is then used to generate similar files, which often have modifications that would be extremely unlikely to appear in a valid file. Usually programs should simply report that the files are invalid and resume operation in a controlled manner. However, behaviour such as program termination, altered behaviour and infinite loops can indicate unintentional, and in many cases exploitable, errors.

The test material can be found at the following URL: http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/

Mitigation

Please refer to the 'Vendor Information' section of this advisory for platform specific mitigation.

Solution

Please refer to the 'Vendor Information' section of this advisory for platform specific remediation.

Vendor Information

Vendor | Vulnerable? | Fixed version or URL
7-zip | Yes | 4.5.7
Aladdin | Not Vulnerable |
AOL | Unknown |
Apple | Not Vulnerable |
Astaro | Unknown |
BeCubed | Unknown |
bzip2 | Yes | 1.0.5
Checkpoint | Unknown |
Cisco | Unknown |
Citrix | Not Vulnerable |
ConeXware | Unknown |
Crossbeam Systems | Unknown |
Debian | Yes | http://www.debian.org/security/2008/dsa-1455
Entrust | Unknown |
Ericsson | Unknown |
ESTsoft | Unknown |
Eazel | Unknown |
F-Secure | Yes | http://www.f-secure.com/security/fsc-2008-2.shtml
FreeBSD | Yes | http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc
Gentoo | Yes | http://security.gentoo.org/glsa/glsa-200708-03.xml
Gfi | Not Vulnerable |
Google | Unknown |
Grisoft | Unknown |
HP | Unknown |
IBM | Unknown |
Inner Media | Unknown |
Insta | Unknown |
Isode | Unknown |
Kaspersky | Unknown |
Microsoft | Not Vulnerable |
Mozilla | Unknown |
Nixu Oy | Unknown |
Nokia | Unknown |
Nortel | Unknown |
Oracle | Not Vulnerable |
Python | Unknown |
RARLAB | Yes | 3.71
Rising Antivirus | Unknown |
S60Zip | Not Vulnerable |
Secgo | Not Vulnerable |
Siemens | Unknown |
SonicWALL | Unknown |
Sophos | Unknown |
Sourcefire | Unknown |
SUSE | Yes | http://www.novell.com/linux/security/advisories/2007_15_sr.html
Stonesoft | Unknown |
Sun Microsystems | Unknown |
Symantec | Not Vulnerable |
TeamF1 | Unknown |
TightVNC | Unknown |
VeriSign | Unknown |
WinGate | Unknown |
WinZip | Unknown |
Wind River | Unknown |

Vendor Statements

Aladdin: No statement at this time.

Apple: Our tests did not indicate any problems in Apple software running the test cases provided.

bzip2: One test case has been found to cause problems with bzip2. It has been fixed in version 1.0.5.

Citrix: No statement at this time.

F-Secure: Several products from F-Secure Corporation are vulnerable to the issue described in CERT-FI: 20469, CPNI: 072928, CERT/CC: VU#813451. Patches for the vulnerability have been published, and distributed automatically to end-users for all products that support automatic patching. More information about potential impact, affected products and available patches can be found in the advisory FSC-2008-2 located at http://www.f-secure.com/security/fsc-2008-2.shtml.

Gfi: No statement at this time.

Microsoft: No statement at this time.

Oracle: No statement at this time.

RARLAB: Potential problems were found in WinRAR 3.70 code for almost all formats included in the test suite except ZOO, which is not supported by WinRAR. RARLAB did not investigate exploitability and severity of found problems. All potential problems were fixed regardless of their severity. All these fixes were included in WinRAR 3.71.

S60Zip: S60Zip uses the API provided by the platform to decompress .zip files.

Secgo: No statement at this time.

Symantec: We have done extensive testing against your test suite. We have verified that none of our products are vulnerable.

-------------------------------------------------------

More warnings and patches for the other software listed above will probably show up; time to start patching. The first one is below:

F-Secure Archives Handling Unspecified Vulnerabilities - Highly critical - From remote
Issued 2 hours ago.
Some vulnerabilities have been reported in various F-Secure products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
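The advisory's Details section describes the PROTOS GENOME approach (model a valid file format, generate variants with modifications a valid file would never contain) and states the behaviour a robust program should show: report the file as invalid and continue in a controlled manner. The following is an added example, not code from the advisory, CERT-FI, CPNI or any of the vendors listed, that shows both sides on a small scale for the ZIP format: a bounds-checked parser for ZIP local file headers, and a field-level robustness harness that derives variants from a valid archive and confirms the parser either accepts them or rejects them with its own error type, never anything else. The ZIP layout used is the public PKWARE local file header (signature 0x04034b50, 30 fixed bytes); the sample archive, the policy limits and the variant set are constructed for this example.

```python
"""Added example: bounds-checked ZIP local-header parser plus a structure-aware
robustness harness in the spirit of PROTOS GENOME. Sample data is constructed."""
import io
import struct
import zipfile
import zlib

LOCAL_SIG = 0x04034B50
LOCAL_FMT = "<IHHHHHIIIHH"               # 30-byte fixed local file header (PKWARE APPNOTE)
LOCAL_LEN = struct.calcsize(LOCAL_FMT)
MAX_NAME_LEN = 4096                       # policy limits assumed for this example
MAX_ENTRIES = 10_000
METHOD_STORED, METHOD_DEFLATE = 0, 8


class ArchiveError(ValueError):
    """The only failure mode the parser is allowed on hostile input."""


def parse_local_entries(data: bytes) -> dict:
    """Walk the local file headers and return {name: content}; every declared
    length is checked against the buffer before it is used."""
    entries, pos = {}, 0
    while pos + LOCAL_LEN <= len(data):
        (sig, _ver, flags, method, _time, _date, crc, csize, usize,
         name_len, extra_len) = struct.unpack_from(LOCAL_FMT, data, pos)
        if sig != LOCAL_SIG:
            break                          # central directory or trailing data
        if len(entries) >= MAX_ENTRIES:
            raise ArchiveError("too many entries")
        if not 0 < name_len <= MAX_NAME_LEN:
            raise ArchiveError(f"bad name length {name_len} at offset {pos}")
        if flags & 0x0008:
            raise ArchiveError("data-descriptor entries not supported")
        name_start = pos + LOCAL_LEN
        payload_start = name_start + name_len + extra_len
        payload_end = payload_start + csize  # in C this addition would also need an overflow check
        if payload_end > len(data):
            raise ArchiveError(f"entry at offset {pos} runs past end of input")
        name = data[name_start:name_start + name_len].decode("utf-8", "replace")
        payload = data[payload_start:payload_end]
        if method == METHOD_STORED:
            if csize != usize:
                raise ArchiveError("stored entry with mismatched sizes")
            content = payload
        elif method == METHOD_DEFLATE:
            d = zlib.decompressobj(-15)
            try:
                content = d.decompress(payload, usize + 1)  # cap output: no decompression bombs
            except zlib.error as exc:
                raise ArchiveError(f"corrupt deflate stream: {exc}") from None
            if not d.eof or len(content) != usize:
                raise ArchiveError("deflate stream disagrees with declared sizes")
        else:
            raise ArchiveError(f"unsupported compression method {method}")
        if zlib.crc32(content) & 0xFFFFFFFF != crc:
            raise ArchiveError(f"CRC mismatch for {name!r}")
        entries[name] = content
        pos = payload_end                  # strictly increases (name_len >= 1), so the loop terminates
    if not entries:
        raise ArchiveError("no local file header found")
    return entries


def build_sample_archive() -> bytes:
    """Constructed valid sample: one deflated entry followed by one stored entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("data.bin", b"A" * 5000, compress_type=zipfile.ZIP_DEFLATED)
        zf.writestr("readme.txt", b"hello archive\n", compress_type=zipfile.ZIP_STORED)
    return buf.getvalue()


def structure_aware_variants(valid: bytes) -> dict:
    """Field-level modifications of the first local header, the kind of change
    a model of the format can generate but a valid file would never contain."""
    def patch(offset, fmt, value):
        out = bytearray(valid)
        struct.pack_into(fmt, out, offset, value)
        return bytes(out)
    return {
        "truncated_header": valid[:LOCAL_LEN - 10],
        "name_len_max": patch(26, "<H", 0xFFFF),
        "csize_max": patch(18, "<I", 0xFFFFFFFF),
        "csize_zero": patch(18, "<I", 0),
        "usize_huge": patch(22, "<I", 0x7FFFFFFF),
        "bad_crc": patch(14, "<I", 0xDEADBEEF),
        "unknown_method": patch(8, "<H", 99),
    }


def robustness_check(samples: dict) -> dict:
    """Run every sample; accept or reject are fine, anything else is a finding."""
    outcome = {}
    for name, blob in samples.items():
        try:
            outcome[name] = f"accepted {len(parse_local_entries(blob))} entries"
        except ArchiveError as exc:
            outcome[name] = f"rejected: {exc}"
        except Exception as exc:           # crash, hang or foreign exception: fix the parser
            outcome[name] = f"UNCONTROLLED: {type(exc).__name__}: {exc}"
    return outcome


if __name__ == "__main__":
    sample = build_sample_archive()
    print(robustness_check({"valid": sample, **structure_aware_variants(sample)}))
```

The harness deliberately mutates the header fields an extractor trusts most (lengths, sizes, method, checksum), which is where the bounds checks in the parser earn their keep; in a C implementation the `payload_start + csize` addition would additionally need an integer-overflow check before the comparison against the buffer length.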
brainslicer (thread author), posted 19 March 2008

Security fix for WinRAR.

WinRAR Multiple Unspecified Vulnerabilities

To get rid of the vulnerability you have to check the other programs you have installed that can handle packed archives... (could be web browsers, antivirus, etc.) Or keep an eye on http://secunia.com/ , more fixes for other software will probably show up over time.