Description
Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar.
Affected products
- gnu / sharutils4.2 – 4.2
- gnu / sharutils4.2.1 – 4.2.1
References
- MISChttps://bugzilla.fedora.us/show_bug.cgi?id=2155
- MISChttp://security.gentoo.org/glsa/glsa-200410-01.xml
- MISChttp://www.securityfocus.com/bid/11298
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11093
- MISChttp://www.redhat.com/support/errata/RHSA-2005-377.html