USN-159-1: unzip vulnerability
Posted on: 08/01/2005 06:15 AM

An unzip security update has been released for Ubuntu Linux

==========================================================
Ubuntu Security Notice USN-159-1 August 01, 2005
unzip vulnerability
CAN-2005-0602
==========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

unzip

The problem can be corrected by upgrading the affected package to version 5.51-2ubuntu0.1 (for Ubuntu 4.10), or 5.51-2ubuntu1.1 (for Ubuntu 5.04). In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

If a ZIP archive contains binaries with the setuid and/or setgid bit set, unzip preserved those bits when extracting the archive. This could be exploited by tricking the administrator into unzipping an archive with a setuid-root binary into a directory the attacker can access. This allowed the attacker to execute arbitrary commands with root privileges.

The updated version does not preserve setuid, setgid, and sticky bits any more by default. The old behaviour can be explicitly requested now by supplying the option '-K'.

Updated packages for Ubuntu 4.10 (Warty Warthog):

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51-2ubuntu0.1.diff.gz
Size/MD5: 5058 5ed7b2fd196c7481a038486669df1667
http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51-2ubuntu0.1.dsc
Size/MD5: 534 b04ea621f49716157fdff3f9379f842a
http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51.orig.tar.gz
Size/MD5: 1112594 8a25712aac642430d87d21491f7c6bd1

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51-2ubuntu0.1_amd64.deb
Size/MD5: 147314 77f0b2321e625fef72cf04f80a7e841a

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51-2ubuntu0.1_i386.deb
Size/MD5: 133786 f6d0d6c32d193b12009fab6ea946bce6

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51-2ubuntu0.1_powerpc.deb
Size/MD5: 149620 1efec44b8a4be7756f47f3a6201acde4

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51-2ubuntu1.1.diff.gz
Size/MD5: 5944 11944741502707e5b1d8de30c37db17b
http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51-2ubuntu1.1.dsc
Size/MD5: 534 6e462e58df9c99892f2401f863dd9bdc
http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51.orig.tar.gz
Size/MD5: 1112594 8a25712aac642430d87d21491f7c6bd1

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51-2ubuntu1.1_amd64.deb
Size/MD5: 147438 a026e8229b7590f5307d005b1f612af3

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51-2ubuntu1.1_i386.deb
Size/MD5: 134676 75d9f59b79498117e498495126cdf873

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.51-2ubuntu1.1_powerpc.deb
Size/MD5: 150988 597d27bb8ea7978b7549a65e39745a49


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_159_1_unzip_vulnerability.html)