HackDig : Dig high-quality web security articles for hacker

Security issues in Libarchive file compression library affect hundreds of projects

2016-06-23 11:30

Experts from Cisco Talos discovered multiple security issues in the Libarchive library that is used by hundreds of other projects, including FreeBSD.

Security vulnerabilities in the popular open source compression toolkit Libarchive affect countless of other projects that include the library.

The flaw was discovered by experts from the Cisco Talos team that supported the Libarchive development team to solve the issues.

The library was created in 2004 for the FreeBSD project, but it is currently adopted by various file compression utilities and other popular projects, including Linux Debian.

The experts from Cisco Talos team have detailed the series of security issues that affect the library explaining that it is quite easy to exploit them by using a specially crafted ZIP file.

It is sufficient that a software including the open source compression library opens the malicious compressed archive.

libarchive

Below the list of flaws in the Libarchive discovered by the Talos group:

TALOS-2016-0152 [CVE-2016-4300]:
7-ZIP READ_SUBSTREAMSINFO INTEGER OVERFLOW

It is a heap overflow vulnerability that resides in the 7zip read_SubStreamsInfo functionality of libarchive. An attacker can trigger an integer overflow by using a specially crafted 7zip archive resulting in memory corruption allowing him to execute arbitrary code.

TALOS-2016-0153 [CVE-2016-4301]:
MTREE PARSE_DEVICE STACK BASED BUFFER OVERFLOW

It is an exploitable stack based buffer overflow vulnerability that exists in the mtree parse_device functionality of libarchive. In this case, a specially crafted mtree file can trigger a buffer overflow causing a memory corruption/code execution.

TALOS-2016-0154 [CVE-2016-4302]:
LIBARCHIVE RAR RESTARTMODEL HEAP OVERFLOW

It is a heap overflow vulnerability in the Rar decompression functionality of library. An attacker can trigger it by using a specially crafted Rar file causing a heap corruption. An attacker can send a malformed file to trigger this vulnerability.

Cisco confirmed that all the security vulnerabilities have been already fixed, but there is the risk that a large number of products that rely on Libarchive will take time to include the latest version of the library (v3.2.1).

Pierluigi Paganini

(Security Affairs – open source compression toolkit, hacking)

The post Security issues in Libarchive file compression library affect hundreds of projects appeared first on Security Affairs.


Source: lmth.swalf-evihcrabil/gnikcah/34684/sserpdrow/oc.sriaffaytiruces

“Security issues in Libarchive file compression library affect hundreds of projects”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud