Lucene search

[email protected]CVE-2004-0234

HistoryAug 18, 2004 - 4:00 a.m.

CVE-2004-0234

2004-08-1804:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

2004

0234

stack-based buffer overflow

lha 1.14

barracuda spam firewall

nvd

security

vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.934 High

EPSS

Percentile

99.1%

JSON

Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.

Affected configurations

NVD

Node

clearswiftmailsweeperMatch4.0

clearswiftmailsweeperMatch4.1

clearswiftmailsweeperMatch4.2

clearswiftmailsweeperMatch4.3

clearswiftmailsweeperMatch4.3.3

clearswiftmailsweeperMatch4.3.4

clearswiftmailsweeperMatch4.3.5

clearswiftmailsweeperMatch4.3.6

clearswiftmailsweeperMatch4.3.6_sp1

clearswiftmailsweeperMatch4.3.7

clearswiftmailsweeperMatch4.3.8

clearswiftmailsweeperMatch4.3.10

clearswiftmailsweeperMatch4.3.11

clearswiftmailsweeperMatch4.3.13

f-securef-secure_anti-virusMatch4.51linux_gateways

f-securef-secure_anti-virusMatch4.51linux_servers

f-securef-secure_anti-virusMatch4.51linux_workstations

f-securef-secure_anti-virusMatch4.52linux_gateways

f-securef-secure_anti-virusMatch4.52linux_servers

f-securef-secure_anti-virusMatch4.52linux_workstations

f-securef-secure_anti-virusMatch4.60samba_servers

f-securef-secure_anti-virusMatch5.5client_security

f-securef-secure_anti-virusMatch5.41mimesweeper

f-securef-secure_anti-virusMatch5.41windows_servers

f-securef-secure_anti-virusMatch5.41workstations

f-securef-secure_anti-virusMatch5.42mimesweeper

f-securef-secure_anti-virusMatch5.42windows_servers

f-securef-secure_anti-virusMatch5.42workstations

f-securef-secure_anti-virusMatch5.52client_security

f-securef-secure_anti-virusMatch6.21ms_exchange

f-securef-secure_anti-virusMatch2003

f-securef-secure_anti-virusMatch2004

f-securef-secure_for_firewallsMatch6.20

f-securef-secure_internet_securityMatch2003

f-securef-secure_internet_securityMatch2004

f-securef-secure_personal_expressMatch4.5

f-securef-secure_personal_expressMatch4.6

f-securef-secure_personal_expressMatch4.7

f-secureinternet_gatekeeperMatch6.31

f-secureinternet_gatekeeperMatch6.32

rarlabwinrarMatch3.20

redhatlhaMatch1.14i-9i386

sgipropackMatch2.4

sgipropackMatch3.0

stalkercgpmcafeeMatch3.2

tsugio_okamotolhaMatch1.14

tsugio_okamotolhaMatch1.15

tsugio_okamotolhaMatch1.17

winzipwinzipMatch9.0

Node

redhatfedora_coreMatchcore_1.0

CPENameOperatorVersion
clearswift:mailsweeperclearswift mailsweepereq4.0
clearswift:mailsweeperclearswift mailsweepereq4.1
clearswift:mailsweeperclearswift mailsweepereq4.2
clearswift:mailsweeperclearswift mailsweepereq4.3
clearswift:mailsweeperclearswift mailsweepereq4.3.3
clearswift:mailsweeperclearswift mailsweepereq4.3.4
clearswift:mailsweeperclearswift mailsweepereq4.3.5
clearswift:mailsweeperclearswift mailsweepereq4.3.6
clearswift:mailsweeperclearswift mailsweepereq4.3.6_sp1
clearswift:mailsweeperclearswift mailsweepereq4.3.7

CPE	Name	Operator	Version
clearswift:mailsweeper	clearswift mailsweeper	eq	4.0
clearswift:mailsweeper	clearswift mailsweeper	eq	4.1
clearswift:mailsweeper	clearswift mailsweeper	eq	4.2
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.3
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.4
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.5
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.6
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.6_sp1
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.7