CVE-2004-0235
First published: Wed May 05 2004(Updated: )
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Clearswift MAILsweeper Business Suite | =4.0 | |
| Clearswift MAILsweeper Business Suite | =4.1 | |
| Clearswift MAILsweeper Business Suite | =4.2 | |
| Clearswift MAILsweeper Business Suite | =4.3 | |
| Clearswift MAILsweeper Business Suite | =4.3.3 | |
| Clearswift MAILsweeper Business Suite | =4.3.4 | |
| Clearswift MAILsweeper Business Suite | =4.3.5 | |
| Clearswift MAILsweeper Business Suite | =4.3.6 | |
| Clearswift MAILsweeper Business Suite | =4.3.6_sp1 | |
| Clearswift MAILsweeper Business Suite | =4.3.7 | |
| Clearswift MAILsweeper Business Suite | =4.3.8 | |
| Clearswift MAILsweeper Business Suite | =4.3.10 | |
| Clearswift MAILsweeper Business Suite | =4.3.11 | |
| Clearswift MAILsweeper Business Suite | =4.3.13 | |
| F-Secure Anti-Virus | =4.51 | |
| F-Secure Anti-Virus | =4.51 | |
| F-Secure Anti-Virus | =4.51 | |
| F-Secure Anti-Virus | =4.52 | |
| F-Secure Anti-Virus | =4.52 | |
| F-Secure Anti-Virus | =4.52 | |
| F-Secure Anti-Virus | =4.60 | |
| F-Secure Anti-Virus | =5.5 | |
| F-Secure Anti-Virus | =5.41 | |
| F-Secure Anti-Virus | =5.41 | |
| F-Secure Anti-Virus | =5.41 | |
| F-Secure Anti-Virus | =5.42 | |
| F-Secure Anti-Virus | =5.42 | |
| F-Secure Anti-Virus | =5.42 | |
| F-Secure Anti-Virus | =5.52 | |
| F-Secure Anti-Virus | =6.21 | |
| F-Secure Anti-Virus | =2003 | |
| F-Secure Anti-Virus | =2004 | |
| F-Secure for Firewalls | =6.20 | |
| F-Secure Internet Security 2010 | =2003 | |
| F-Secure Internet Security 2010 | =2004 | |
| F-Secure Personal Express | =4.5 | |
| F-Secure Personal Express | =4.6 | |
| F-Secure Personal Express | =4.7 | |
| F-Secure Internet GateKeeper for Windows | =6.31 | |
| F-Secure Internet GateKeeper for Windows | =6.32 | |
| WinRAR | =3.20 | |
| Red Hat LHA | =1.14i-9 | |
| SGI ProPack | =2.4 | |
| SGI ProPack | =3.0 | |
| stalker cgpmcafee | =3.2 | |
| LHA (by Tsugio Okamoto) | =1.14 | |
| LHA (by Tsugio Okamoto) | =1.15 | |
| LHA (by Tsugio Okamoto) | =1.17 | |
| Corel WinZip | =9.0 | |
| Red Hat Fedora Core | =core_1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html
- http://marc.info/?l=bugtraq&m=108422737918885&w=2
- http://security.gentoo.org/glsa/glsa-200405-02.xml
- http://www.debian.org/security/2004/dsa-515
- http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html
- http://www.redhat.com/support/errata/RHSA-2004-178.html
- http://www.redhat.com/support/errata/RHSA-2004-179.html
- http://www.securityfocus.com/bid/10243
- https://bugzilla.fedora.us/show_bug.cgi?id=1833
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16013
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978
Frequently Asked Questions
What is the severity of CVE-2004-0235?
CVE-2004-0235 has been classified as a moderate severity vulnerability due to the potential for arbitrary file creation.
How do I fix CVE-2004-0235?
To fix CVE-2004-0235, ensure you upgrade to a patched version of LHA, specifically versions beyond 1.14.
What types of attacks are possible with CVE-2004-0235?
CVE-2004-0235 allows attackers to exploit directory traversal vulnerabilities to create arbitrary files on the system.
Which software versions are affected by CVE-2004-0235?
Affected software includes LHA versions prior to 1.14, as well as Clearswift Mailsweeper and various versions of F-Secure Anti-Virus.
Who is at risk for CVE-2004-0235?
Users and systems using the affected versions of LHA and other associated software are at risk for exploitation of CVE-2004-0235.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/remedy
- agent/references
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/clearswift
- product/mailsweeper
- canonical/clearswift mailsweeper
- vendor/f-secure
- product/f-secure anti-virus
- canonical/f-secure f-secure anti-virus
- vendor/tsugio okamoto
- product/lha
- canonical/tsugio okamoto lha
- product/internet gatekeeper
- canonical/f-secure internet gatekeeper
- product/f-secure internet security
- canonical/f-secure f-secure internet security
- vendor/sgi
- product/propack
- canonical/sgi propack
- vendor/rarlab
- product/winrar
- canonical/rarlab winrar
- product/f-secure personal express
- canonical/f-secure f-secure personal express
- product/f-secure for firewalls
- canonical/f-secure f-secure for firewalls
- vendor/winzip
- product/winzip
- canonical/winzip winzip
- vendor/stalker
- product/cgpmcafee
- canonical/stalker cgpmcafee
- vendor/redhat
- canonical/redhat lha
- product/fedora core
- canonical/redhat fedora core
- canonical/clearswift mailsweeper business suite
- version/clearswift mailsweeper business suite/4.0
- version/clearswift mailsweeper business suite/4.1
- version/clearswift mailsweeper business suite/4.2
- version/clearswift mailsweeper business suite/4.3
- version/clearswift mailsweeper business suite/4.3.3
- version/clearswift mailsweeper business suite/4.3.4
- version/clearswift mailsweeper business suite/4.3.5
- version/clearswift mailsweeper business suite/4.3.6
- version/clearswift mailsweeper business suite/4.3.6_sp1
- version/clearswift mailsweeper business suite/4.3.7
- version/clearswift mailsweeper business suite/4.3.8
- version/clearswift mailsweeper business suite/4.3.10
- version/clearswift mailsweeper business suite/4.3.11
- version/clearswift mailsweeper business suite/4.3.13
- canonical/f-secure anti-virus
- version/f-secure anti-virus/4.51
- version/f-secure anti-virus/4.52
- version/f-secure anti-virus/4.60
- version/f-secure anti-virus/5.5
- version/f-secure anti-virus/5.41
- version/f-secure anti-virus/5.42
- version/f-secure anti-virus/5.52
- version/f-secure anti-virus/6.21
- version/f-secure anti-virus/2003
- version/f-secure anti-virus/2004
- canonical/f-secure for firewalls
- version/f-secure for firewalls/6.20
- canonical/f-secure internet security 2010
- version/f-secure internet security 2010/2003
- version/f-secure internet security 2010/2004
- canonical/f-secure personal express
- version/f-secure personal express/4.5
- version/f-secure personal express/4.6
- version/f-secure personal express/4.7
- canonical/f-secure internet gatekeeper for windows
- version/f-secure internet gatekeeper for windows/6.31
- version/f-secure internet gatekeeper for windows/6.32
- canonical/winrar
- version/winrar/3.20
- canonical/red hat lha
- version/red hat lha/1.14i-9
- version/sgi propack/2.4
- version/sgi propack/3.0
- version/stalker cgpmcafee/3.2
- canonical/lha (by tsugio okamoto)
- version/lha (by tsugio okamoto)/1.14
- version/lha (by tsugio okamoto)/1.15
- version/lha (by tsugio okamoto)/1.17
- canonical/corel winzip
- version/corel winzip/9.0
- canonical/red hat fedora core
- version/red hat fedora core/core_1.0