dcsimg
December 4, 2016
Hot Topics:

Libarchive Flaw Puts Other Software at Risk

  • June 22, 2016
  • By Developer.com Staff

Researchers from Cisco Systems' Talos group have found three severe security flaws—an integer overflow, a buffer overflow and a heap overflow—in an open source library called libarchive. Many popular open source projects rely on the library, which provides real-time access to compressed files. It's used by many Linux and BSD file managers, as well as by OS X and Chrome OS components. No one knows how many other pieces of software may rely on libarchive, making them vulnerable to attacks.

"When vulnerabilities are discovered in a piece of software such as libarchive, many third-party programs that rely on and bundle libarchive are affected," the Talos researchers blogged. "These are what are known as common mode failures, which enable attackers to use a single attack to compromise many different programs/systems. Users are encouraged to patch all relevant programs as quickly as possible."

View article






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

Sitemap | Contact Us

Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel