| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACqxkWLctY0FD1Y_SXn2_ShLy9Y32T93K58kPHBBqi8xQDa9Dw@mail.gmail.com>
Date: Sat, 14 May 2016 05:05:20 +0100
From: Nick Boyce <nick.boyce@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] Code Execution Vulnerabilities In 7zip
Just karma whoring here, since I noticed the announcement and figured
the news needs to spread. Cisco Talis discovered a number of bugs in
7zip versions prior to 16.00, some of which lead to arbitrary code
execution when processing certain malformed archives:
http://www.zdnet.com/article/severe-7-zip-vulnerabilities-cause-top-security-software-tools-patch-panic/#ftag=RSSbaffb68
http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html
Versions from 9.20 to 15.00 are said to contain some or all of the bugs.
The comment stream in the 2nd link contains this remark:
"By default 7zip will pass inputs through all of its decompression
routines so blocking certain extensions will not work unless you also
pass a command line argument that specifies the parser to use. These
bugs will trigger with a malformed UDF/HFS file with a .zip extension
unless the added command line argument is used."
Upgrading to 7zip V16.00 ("as soon as possible") is said to fix the
vulnerabilities.
The official 7zip changelog at http://www.7-zip.org/history.txt for
16.00 just says "Some bugs were fixed".
Nick
--
Cloud so convenient
Service provider not bright
All the files are gone
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists