RH: Updated unzip packages fix trojan vulnerability
Posted on: 07/02/2003 10:40 AM

Red Hat has released updated unzip packages for Red Hat Linux

Updated unzip packages resolving a vulnerability allowing arbitrary files to be overwritten are now available.

Description:
The unzip utility is used for manipulating archives, which are multiple files stored inside of a single file.

A vulnerabilitiy in unzip version 5.50 and earlier allows attackers to overwrite arbitrary files during archive extraction by placing invalid (non-printable) characters between two "." characters. These non-printable characters are filtered, resulting in a ".." sequence. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0282 to this issue.

This erratum includes a patch ensuring that non-printable characters do not make it possible for a malicious .zip file to write to parent directories unless the "-:" command line parameter is specified.

Users of unzip are advised to upgrade to these updated packages, which are not vulnerable to this issue.

Read more


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/rh_updated_unzip_packages_fix_trojan_vulnerability.html)