From: Daniel Ahlberg (aliz_at_gentoo.org)
Date: Tue Oct 01 2002 - 05:38:05 CDT


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - - --------------------------------------------------------------------
    GENTOO LINUX SECURITY ANNOUNCEMENT
    - - --------------------------------------------------------------------

    PACKAGE        :unzip
    SUMMARY        :directory-traversal vulnerability
    DATE           :2002-10-01 10:30 UTC

    - - --------------------------------------------------------------------

    OVERVIEW

    Archive extraction is usually treated by users as a safe operation.
    There are a few problems with file extraction, though.

    DETAIL

    Among them: huge files with a high compression ratio are able to fill
    memory/disk (see "Antivirus scanner DoS with zip archives" thread on
    Vuln-Dev), special device names and special characters in file names,
    directory traversal (dot-dot bug). Directory traversal is probably the
    most dangerous among these bugs, because it allows crafting an archive
    which will trojan the system on extraction. This problem is known to
    software developers, and newer archivers usually have some kind of
    protection. But in some cases this protection is weak and can be
    bypassed. I did some very quick research (approx. 30 minutes, so maybe
    I've missed something) on a few popular archivers. Results are below.

    Read the full advisory at
    http://marc.theaimsgroup.com/?l=bugtraq&m=99496364810666&w=2

    SOLUTION

    It is recommended that all Gentoo Linux users who are running
    app-arch/unzip-5.42-r1 and earlier update their systems
    as follows:

    emerge rsync
    emerge unzip
    emerge clean

    - - --------------------------------------------------------------------
    aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
    - - --------------------------------------------------------------------
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.7 (GNU/Linux)

    iD8DBQE9mXsMfT7nyhUpoZMRAmE2AJ42IOteK6437umkllOR4F0oJO0a4ACfY4QU
    u5jofs44arhh9ZKkAmPxv2A=
    =myfe
    -----END PGP SIGNATURE-----
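
The advisory's problem classes (dot-dot names, special characters in file names, high compression ratios) can be checked before anything is extracted. The following is an added example, not part of the original advisory or of unzip; the function names, the ratio limit of 100 and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

MAX_RATIO = 100  # assumed limit for uncompressed/compressed size; tune per site


def audit_zip(data: bytes, max_ratio: int = MAX_RATIO) -> dict:
    """Return {stored entry name: [findings]} for entries needing review."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            # orig_filename is the name exactly as stored in the archive.
            # Backslashes are treated as separators to stay conservative.
            raw = info.orig_filename.replace("\\", "/")
            problems = []
            if raw.startswith("/"):
                problems.append("absolute path")
            if ".." in raw.split("/"):
                problems.append("dot-dot component")
            if any(ord(c) < 0x20 for c in raw):
                problems.append("control character in name")
            if info.compress_size and info.file_size / info.compress_size > max_ratio:
                problems.append("compression ratio above limit")
            if problems:
                findings[info.orig_filename] = problems
    return findings


def build_sample() -> bytes:
    """Constructed test archive: one benign entry and four suspicious ones."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("docs/readme.txt", "hello")
        zf.writestr("../../tmp/dotdot.txt", "x")
        zf.writestr("/tmp/absolute.txt", "x")
        zf.writestr("note\x1b[2J.txt", "x")
        zf.writestr("zeros.bin", b"\0" * 1_000_000)
    return buf.getvalue()


if __name__ == "__main__":
    for name, problems in audit_zip(build_sample()).items():
        print(repr(name), "->", ", ".join(problems))
```

The check reads only the archive's directory metadata, so it can run on untrusted input without writing any entry to disk.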