Unrar Password Prompt Buffer Overflow Vulnerability

Posted: 08 Feb 2007, 17:42
by NiNe
I have read about some buffer overflow vulnerability when unpacking a rar file.
Just have a look here:
http://labs.idefense.com/intelligence/v ... php?id=472

Is there the same problem with the RAR-Plugin in Salamander?

Posted: 09 Feb 2007, 09:56
by Jan Rysavy
We don't know. There is nearly zero information in the mentioned message.
Without a detailed description and a sample archive we are not able to tell you...

Posted: 09 Feb 2007, 12:24
by Guest
WinRAR's changelog:
Version 3.70 beta 1

15. Stack overflow vulnerability has been corrected in password
processing module of console RAR and UnRAR. GUI WinRAR is not
affected. We are thankful to the iDEFENSE LABS for reporting this bug.

Posted: 09 Feb 2007, 19:00
by Jan Rysavy
In that case it will be enough to replace the library
Servant Salamander 2.5 RC2\plugins\unrar\unrar.dll
with the new fixed version from UnRAR 3.70 beta 1...