CVE-2004-1773

NameCVE-2004-1773
DescriptionMultiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
sharutils (PTS)jessie, jessie (lts)1:4.14-2+deb8u1fixed
stretch (security), stretch (lts), stretch1:4.15.2-2+deb9u1fixed
buster1:4.15.2-4fixed
bullseye1:4.15.2-5fixed
sid, trixie, bookworm1:4.15.2-9fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sharutilssource(unstable)1:4.2.1-12

Search for package or bug name: Reporting problems