vulnerability in unzip 5.50?
Thomas McIntyre
temac at yahoo.com
Tue Jul 1 15:11:24 PDT 2003
Is anybody aware of a security problem with unzip in the ports? I tried searching google/mailing lists, but did not find anything relevant.
The last update to the port looks about 3 months ago, which seems to be before the notifications.
Thx,
Tom McIntyre
=-=-=-=-=-=
[RHSA-2003:199-01] Updated unzip packages fix trojan vulnerability
.....
3. Problem description:
The unzip utility is used for manipulating archives, which are multiple files stored inside of a single file.

A vulnerability in unzip version 5.50 and earlier allows attackers to overwrite arbitrary files during archive extraction by placing invalid (non-printable) characters between two "." characters. These non-printable characters are filtered, resulting in a ".." sequence. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0282 to this issue.

This erratum includes a patch ensuring that non-printable characters do not make it possible for a malicious .zip file to write to parent directories unless the "-:" command line parameter is specified.

Users of unzip are advised to upgrade to these updated packages, which are not vulnerable to this issue.
=-=-=-=-=-=
http://icat.nist.gov/icat.cfm?cvename=CAN-2003-0282
.....
Vulnerability Name: CAN-2003-0282
Published before: 6/16/2003
Summary: Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
Severity: Medium
Vulnerability type: Exceptional Condition Handling Error; Design Error
Exploitable Range: Unknown
Loss type: Integrity
Reference 1:
Source: Bugtraq
Type: General
Name: unzip directory traversal revisited
http://marc.theaimsgroup.com/?l=bugtraq&m=105259038503175&w=2
Vulnerable software and versions: Info-Zip, UnZip, 5.50
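As an added illustration (not part of this post or of Info-ZIP's code), a simplified C sketch of the ordering defect the advisory describes: a traversal check run on the raw entry name, followed by filtering of non-printable bytes, beside the fixed order that checks the name actually used. The sample entry name and all function names are constructed for this example.

```c
#include <ctype.h>
#include <string.h>

/* Constructed sample entry name: a control byte (0x01) sits between the two
 * dots, so the raw name holds no ".." but the filtered name does. */
static const char SAMPLE_NAME[] = ".\x01./target.txt";

/* Copy in to out, dropping non-printable bytes, as the advisory says the
 * filtering step does. out must have room for strlen(in) + 1 bytes. */
static void strip_nonprintable(const char *in, char *out)
{
    for (; *in; in++)
        if (isprint((unsigned char)*in))
            *out++ = *in;
    *out = '\0';
}

/* Returns 1 if any '/'-separated component of path is exactly "..". */
static int has_parent_ref(const char *path)
{
    const char *p = path;
    for (;;) {
        const char *end = strchr(p, '/');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 1;
        if (!end)
            return 0;
        p = end + 1;
    }
}

/* Vulnerable ordering: check the raw name, then filter it and use the result.
 * Returns 1 if the entry would be accepted; out receives the name to open. */
int accept_check_then_filter(const char *name, char *out)
{
    if (has_parent_ref(name))
        return 0;                  /* ".\x01./target.txt" passes here */
    strip_nonprintable(name, out); /* ...and becomes "../target.txt" */
    return 1;
}

/* Fixed ordering: filter first, then check the name that will actually be
 * opened, so the stripped ".." is caught. */
int accept_filter_then_check(const char *name, char *out)
{
    strip_nonprintable(name, out);
    return has_parent_ref(out) ? 0 : 1;
}
```

The same principle applies to any extractor: validate the exact string handed to open(), after every normalisation step, not an earlier form of it.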