Ausnahme gefangen: SSL certificate problem: certificate is not yet valid ๐Ÿ“Œ USN-2981-1: libarchive vulnerabilities
Team IT Security Nachrichtenportal Logo

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security
RSS Feed Symbol fรผr Team IT Security 800+ IT News als RSS Feed abonnieren



๐Ÿ“š USN-2981-1: libarchive vulnerabilities


๐Ÿ’ก Newskategorie: Unix Server
๐Ÿ”— Quelle: ubuntu.com

Ubuntu Security Notice USN-2981-1

17th May, 2016

libarchive vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
  • Ubuntu 15.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

libarchive could be made to crash or run programs if it opened a specially crafted file.

Software description

  • libarchive - Library to read/write archive files

Details

It was discovered that libarchive incorrectly handled certain entry-size
values in ZIP archives. A remote attacker could use this issue to cause
libarchive to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10
and Ubuntu 16.04 LTS. (CVE-2016-1541)

It was discovered that libarchive incorrectly handled memory when
processing certain tar files. A remote attacker could use this issue to
cuase libarchive to crash, resulting in a denial of service. (CVE number
pending)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 16.04 LTS:
libarchive13 3.1.2-11ubuntu0.16.04.1
Ubuntu 15.10:
libarchive13 3.1.2-11ubuntu0.15.10.1
Ubuntu 14.04 LTS:
libarchive13 3.1.2-7ubuntu2.2
Ubuntu 12.04 LTS:
libarchive12 3.0.3-6ubuntu1.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2016-1541

...



Sharing is caring on Social Media

๐Ÿ”— Reddit
๐Ÿ”— Telegram
๐Ÿ”— LinkedIn
๐Ÿ”— Xing
๐Ÿ”— Twitter
๐Ÿ”— Whatsapp
๐Ÿ”— Facebook
๐Ÿ”— Flipboard

Join the Team IT Security Community

๐Ÿ”— "IT Sicherheit" Reddit-Gruppe
๐Ÿ”— "IT Sicherheit" Telegramm-Seite










๐Ÿ“Œ Low CVE-2019-20509: Libarchive Libarchive


๐Ÿ“ˆ 28.08 Punkte

๐Ÿ“Œ libarchive 3.3.0 libarchive/archive_acl.c archive_acl_from_text_l() denial of service


๐Ÿ“ˆ 28.08 Punkte

๐Ÿ“Œ USN-3225-1: libarchive vulnerabilities


๐Ÿ“ˆ 24.54 Punkte

๐Ÿ“Œ USN-3033-1: libarchive vulnerabilities


๐Ÿ“ˆ 24.54 Punkte

๐Ÿ“Œ USN-3033-1: libarchive vulnerabilities


๐Ÿ“ˆ 24.54 Punkte

๐Ÿ“Œ USN-4293-1: libarchive vulnerabilities


๐Ÿ“ˆ 24.54 Punkte

๐Ÿ“Œ CVE-2015-8923 | libarchive up to 3.1.x ZIP File process_extra size input validation (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8922 | libarchive up to 3.1.x 7z File archive_read_support_format_7zip.c null pointer dereference (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8921 | libarchive up to 3.1.x mtree File archive_entry.c ae_strtofflags out-of-bounds (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8920 | libarchive up to 3.1.x TAR File archive_read_support_format_ar.c _ar_read_header out-of-bounds (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ USN-4169-1: libarchive vulnerability


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8919 | libarchive up to 3.1.x LZH/LHA File archive_read_support_format_lha.c lha_read_file_extended_header memory corruption (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8917 | libarchive up to 3.1.x bsdtar CAB File null pointer dereference (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8916 | libarchive up to 3.1.x bsdtar null pointer dereference (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8928 | libarchive up to 3.1.x mtree File archive_read_support_format_mtree.c process_add_entry out-of-bounds (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8925 | libarchive up to 3.1.x mtree File archive_read_support_format_mtree.c readline out-of-bounds (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8926 | libarchive up to 3.1.x RAR File archive_read_support_format_rar.c archive_read_format_rar_read_data null pointer dereference (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8924 | libarchive up to 3.1.x TAR File archive_read_support_format_tar.c archive_read_format_tar_read_header out-of-bounds (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8934 | libarchive up to 3.2.0 RAR File archive_read_support_format_rar.c copy_from_lzss_window out-of-bounds (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8933 | libarchive up to 3.1.x TAR File archive_read_support_format_tar.c archive_read_format_tar_skip integer overflow (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2015-8931 | libarchive up to 3.1.x mtree File archive_read_support_format_mtree.c get_time_t_max/get_time_t_min integer overflow (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2016-4302 | libarchive up to 3.2.0 RAR File archive_read_support_format_rar.c parse_codes memory corruption (USN-3033-1 / Nessus ID 92312)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ CVE-2020-9308 | libarchive up to 3.4.1 RAR5 File archive_read_support_format_rar5.c input validation (USN-4293-1)


๐Ÿ“ˆ 19.7 Punkte

๐Ÿ“Œ Patched libarchive Vulnerabilities Have Big Reach


๐Ÿ“ˆ 18.88 Punkte

๐Ÿ“Œ Libarchive Vulnerabilities (June 21, 22 and 23, 2016)


๐Ÿ“ˆ 18.88 Punkte

๐Ÿ“Œ Vuln: libarchive CVE-2015-8923 Multiple Denial of Service Vulnerabilities


๐Ÿ“ˆ 18.88 Punkte

๐Ÿ“Œ Vuln: libarchive Multiple Security Vulnerabilities


๐Ÿ“ˆ 18.88 Punkte

๐Ÿ“Œ Patched libarchive Vulnerabilities Have Big Reach


๐Ÿ“ˆ 18.88 Punkte

๐Ÿ“Œ Libarchive Vulnerabilities (June 21, 22 and 23, 2016)


๐Ÿ“ˆ 18.88 Punkte

๐Ÿ“Œ Vuln: libarchive CVE-2015-8923 Multiple Denial of Service Vulnerabilities


๐Ÿ“ˆ 18.88 Punkte

๐Ÿ“Œ Vuln: libarchive Multiple Security Vulnerabilities


๐Ÿ“ˆ 18.88 Punkte

๐Ÿ“Œ libarchive bis 3.1.x ZIP Archive Handler archive_read_support_format_zip.c zip_read_mac_metadata Pufferรผberlauf


๐Ÿ“ˆ 14.04 Punkte

๐Ÿ“Œ DSA-3574 libarchive - security update


๐Ÿ“ˆ 14.04 Punkte

๐Ÿ“Œ Bugtraq: [slackware-security] libarchive (SSA:2016-145-01)


๐Ÿ“ˆ 14.04 Punkte

๐Ÿ“Œ Bugtraq: FreeBSD Security Advisory FreeBSD-SA-16:23.libarchive


๐Ÿ“ˆ 14.04 Punkte

matomo

Kontakt

24/7 kontakt@tsecurity.de

Weitere Informationen

Google Android Playstore Download Button fรผr Team IT Security
๐Ÿ”— Impressum
๐Ÿ”— Datenschutz
Paypal Spenden fรผr Projekt

Social Media

๐Ÿ”— Facebook
๐Ÿ”— Reddit
๐Ÿ”— Team IT Security als Elektron App
๐Ÿ”— © 2015-2023 Team IT Security Nachrichtenportal รผber Cybersecurity
๐Ÿ”— CMS "myDraft" a PHP Portal Software