Flaw found in Lhasa makes for compression confession depression

Cisco's Talos team has found a vulnerability in the Lhasa LZH/LHA decompression tool and library, and it's a nasty one because it means the decompression process gives attackers the chance to put whatever code they want on your machine. The problem is an integer underflow. “The software verifies that header values are not too …

  1. PassiveSmoking

    .LHA? That brings back some memories. Ah, Aminet.

    People still use it in enough numbers for this to be a problem?

    1. Robert Carnegie Silver badge

      If I've got this straight, everyone in Japan uses "Lhasa" as their zip tool?

    2. William Towle
      Linux

      > People still use it in enough numbers for this to be a problem?

      I don't think end users owning archives is the problem here ... although depending on the payload I suppose it might also be. lhasa isn't on the machine I take on my commute for example, but critically its associated library *might* be on a server which deals with spam filtering/analysis of email attachments.

      [Background: 'lhasa' has been the recommended extractor in Debian for some time, and while Ubuntu also offers 'lha' it's long in the tooth (on that front, there's also a sourceforge.jp version that I last chased up around 2005) and you might not need the latter unless you specifically want to create archives]

  2. JCitizen
    Trollface

    Gotta love these headline eye catchers..

    done in the finest tradition of yellow journalism - Oh wait!
