VULHUB ™

Ubuntu Security Notice USN-102-1 - Shaun Colley discovered a buffer overflow in shar that was triggered by output files (specified with -o) with names longer than 49 characters. This could be exploited to run arbitrary attacker specified code on systems that automatically process uploaded files with shar. Ulf Harnhammar discovered that shar does not check the data length returned by the 'wc' command. However, it is believed that this cannot actually be exploited on real systems.

Ubuntu Security Notice USN-102-1 - Shaun Colley discovered a buffer overflow in shar that was triggered by output files (specified with -o) with names longer than 49 characters. This could be exploited to run arbitrary attacker specified code on systems that automatically process uploaded files with shar. Ulf Harnhammar discovered that shar does not check the data length returned by the 'wc' command. However, it is believed that this cannot actually be exploited on real systems.