FreeBSD : lha buffer overflows and path traversal issues (a2ffb627-9c53-11d8-9366-0020ed76ef5a)
Critical Nessus Plugin ID 36391
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionUlf Harnhammar discovered several vulnerabilities in LHa for UNIX's path name handling code. Specially constructed archive files may cause LHa to overwrite files or execute arbitrary code with the privileges of the user invoking LHa. This could be particularly harmful for automated systems that might handle archives such as virus scanning processes.
SolutionUpdate the affected package.