Date: Tue, 1 Jul 2003 15:11:23 -0700 (PDT)
From: Thomas McIntyre <temac@yahoo.com>
To: freebsd-ports@freebsd.org
Subject: vulnerability in unzip 5.50?
Message-ID: <20030701221123.27692.qmail@web14202.mail.yahoo.com>
Is anybody aware of a security problem with unzip in the ports? I tried searching google/mailing lists, but did not find anything relevant. The last update to the port looks about 3 months ago, which seems to be before the notifications.

Thx,
Tom McIntyre

=-=-=-=-=-=

[RHSA-2003:199-01] Updated unzip packages fix trojan vulnerability

.....

3. Problem description:

The unzip utility is used for manipulating archives, which are multiple files stored inside of a single file.

A vulnerability in unzip version 5.50 and earlier allows attackers to overwrite arbitrary files during archive extraction by placing invalid (non-printable) characters between two "." characters. These non-printable characters are filtered, resulting in a ".." sequence. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0282 to this issue.

This erratum includes a patch ensuring that non-printable characters do not make it possible for a malicious .zip file to write to parent directories unless the "-:" command line parameter is specified.

Users of unzip are advised to upgrade to these updated packages, which are not vulnerable to this issue.

=-=-=-=-=-=

http://icat.nist.gov/icat.cfm?cvename=CAN-2003-0282

.....

Vulnerability Name: CAN-2003-0282
Published before: 6/16/2003
Summary: Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
Severity: Medium
Vulnerability type: Exceptional Condition Handling Error; Design Error
Exploitable Range: Unknown
Loss type: Integrity
Reference 1:
  Source: Bugtraq
  Type: General
  Name: unzip directory traversal revisited
  http://marc.theaimsgroup.com/?l=bugtraq&m=105259038503175&w=2
Vulnerable software and versions: Info-Zip, UnZip, 5.50
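The advisory quoted above describes a filter-then-check ordering bug: the extractor's traversal check runs on the raw member name, but the non-printable characters are stripped afterwards, so a name that is clean when checked becomes ".." by the time it reaches the filesystem. The following Python is an added illustration of that failure mode and of the corresponding hardened check; it is not code from the FreeBSD port, Info-ZIP, or the mailing-list author. The member names, the directory `/tmp/out`, and the helper names (`naive_is_safe`, `hardened_is_safe`, `extraction_target`) are constructed for the example and are not taken from the page.

```python
import posixpath

# Constructed sample member names for illustration; none comes from a real archive.
SAMPLE_NAMES = [
    "docs/readme.txt",       # ordinary relative name
    "../etc/passwd",         # obvious traversal, caught by any check
    ".\x01./etc/passwd",     # two dots separated by a control byte (the CAN-2003-0282 pattern)
    "/etc/passwd",           # absolute path, must never be honoured
]

# Control characters that an extractor might filter out of member names.
NON_PRINTABLE = {chr(c) for c in range(0x20)} | {chr(0x7F)}


def strip_nonprintable(name: str) -> str:
    """Drop control characters, mirroring the filtering the advisory describes."""
    return "".join(ch for ch in name if ch not in NON_PRINTABLE)


def has_traversal(name: str) -> bool:
    """True if any path component of the name is '..' (both separator styles)."""
    return any(part == ".." for part in name.replace("\\", "/").split("/"))


def naive_is_safe(name: str) -> bool:
    """Vulnerable ordering: validate the raw name, filter later.

    The filtered name is what the extractor actually writes, so a name whose
    '..' only appears after filtering passes this check.
    """
    return not name.startswith(("/", "\\")) and not has_traversal(name)


def hardened_is_safe(name: str) -> bool:
    """Fixed ordering: validate the name in its final, filtered form."""
    cleaned = strip_nonprintable(name)
    if not cleaned or cleaned.startswith(("/", "\\")):
        return False
    return not has_traversal(cleaned)


def extraction_target(dest_dir: str, name: str):
    """Resolve the member under dest_dir, or return None if it would escape.

    Belt and braces: the component check above plus a normalised-prefix check
    on the final path, so a bypass of one still has to get past the other.
    """
    if not hardened_is_safe(name):
        return None
    cleaned = strip_nonprintable(name).replace("\\", "/")
    base = posixpath.normpath(dest_dir)
    target = posixpath.normpath(posixpath.join(base, cleaned))
    if target != base and not target.startswith(base + "/"):
        return None
    return target


def audit(names=SAMPLE_NAMES):
    """Compare the two checks over the samples: {name: (naive, hardened)}."""
    return {n: (naive_is_safe(n), hardened_is_safe(n)) for n in names}


if __name__ == "__main__":
    for name, (naive, hardened) in audit().items():
        print(repr(name), "naive:", naive, "hardened:", hardened)
```

Running `audit()` shows the divergence on the third sample only: the naive check accepts `.\x01./etc/passwd` because the raw string contains no `..` component, while the hardened check rejects it because the filtered form is `../etc/passwd`. The general rule the example demonstrates is to validate the exact bytes that will be handed to the filesystem, after every transformation, never an earlier representation.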