FreeBSD Security Advisory

11十一月06

FreeBSD-SA-06:24.libarchive

II. Problem Description

If the end of an archive is reached while attempting to “skip" past a region of an archive, libarchive will enter an infinite loop wherein it repeatedly attempts (and fails) to read further data.

III. Impact

An attacker able to cause a system to extract (via “tar -x" or another application which uses libarchive) or list the contents (via “tar -t" or another libarchive-using application) of an archive provided by the attacker can cause libarchive to enter an infinite loop and use all available CPU time.



No Responses Yet to “FreeBSD Security Advisory”

  1. 發表迴響

發表迴響

在下方填入你的資料或按右方圖示以社群網站登入:

WordPress.com 標誌

您的留言將使用 WordPress.com 帳號。 登出 /  變更 )

Google+ photo

您的留言將使用 Google+ 帳號。 登出 /  變更 )

Twitter picture

您的留言將使用 Twitter 帳號。 登出 /  變更 )

Facebook照片

您的留言將使用 Facebook 帳號。 登出 /  變更 )

連結到 %s


%d 位部落客按了讚: