[SA13094] Info-Zip Recursive Compression Buffer Overflow Vulnerability
From: Secunia Security Advisories (sec-adv@secunia.com)
Date: Thu Nov 04 2004 - 08:37:25 CST
----------------------------------------------------------------------
Monitor, Filter, and Manage Security Information
- Filtering and Management of Secunia advisories
- Overview, documentation, and detailed reports
- Alerting via email and SMS
Request Trial:
https://ca.secunia.com/?f=l
----------------------------------------------------------------------
TITLE:
Info-Zip Recursive Compression Buffer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA13094
VERIFY ADVISORY:
http://secunia.com/advisories/13094/
CRITICAL:
Less critical
IMPACT:
Privilege escalation
WHERE:
Local system
SOFTWARE:
Info-ZIP 2.x
http://secunia.com/product/4213/
DESCRIPTION:
HexView has discovered a vulnerability in Info-Zip, which potentially
can be exploited by malicious, local users to gain escalated
privileges.
The vulnerability is caused by a boundary error when "zip" compresses
directories recursively. This can be exploited to cause a buffer
overflow when a set of nested, overly long directory names is
compressed, e.g. during a backup process.
Successful exploitation may allow execution of arbitrary code with
the privileges of the user invoking "zip", depending on the
filesystem on which the compression occurs.
NOTE: In some rare situations this may also be a remote issue, when
Info-Zip is used in combination with other applications that are
accessible remotely and compress directories.
The vulnerability has been confirmed in version 2.3 for Linux. Other
versions may also be affected.
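The bug class described above, as an added illustration that is not Info-ZIP's source: a recursive directory walker that concatenates each nested directory name into a fixed-size path buffer without checking the remaining room, shown next to a bounds-checked appender. PATH_CAP, the guard region, the 30-byte directory name and the nesting depths are assumed values chosen so the overrun is observable inside the program's own heap allocation rather than corrupting a real stack frame.

```c
/* Illustration of the bug class in the advisory: a recursive directory walker
 * that concatenates each nested directory name into a fixed-size path buffer
 * without checking the remaining room. This is added example code, not
 * Info-ZIP's source; PATH_CAP, GUARD, the directory name and the nesting
 * depths are assumed values chosen to make the overrun observable. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PATH_CAP 64    /* assumed logical size of the path buffer */
#define GUARD    512   /* bytes after the buffer, used only to observe the overrun */

/* Vulnerable pattern: append "name/" with no bounds check. Every recursion
 * level appends one more component, so a deep set of long names runs past
 * whatever size the buffer was declared with. */
static void append_unsafe(char *path, const char *name)
{
    strcat(path, name);
    strcat(path, "/");
}

/* Hardened pattern: measure first, refuse if "name/" plus the terminator
 * would not fit, and never write past cap. Returns 0 on success, -1 if refused. */
static int append_safe(char *path, size_t cap, const char *name)
{
    size_t used = strlen(path);
    size_t need = strlen(name) + 1;            /* name plus '/' */
    if (used >= cap || need > cap - used - 1)  /* the -1 keeps room for the NUL */
        return -1;
    memcpy(path + used, name, need - 1);
    path[used + need - 1] = '/';
    path[used + need] = '\0';
    return 0;
}

/* Model of the unsafe walker's recursion: lay out [PATH_CAP | GUARD] on the
 * heap, fill the guard with 0xAA, descend `depth` levels of directories all
 * named `name`, and return how many guard bytes were overwritten. In a real
 * stack buffer, saved registers or a return address would sit where the guard is. */
static size_t overrun_bytes(const char *name, int depth)
{
    size_t total = (size_t)depth * (strlen(name) + 1) + 1;
    if (total > PATH_CAP + GUARD)   /* keep the demo inside its own allocation */
        return (size_t)-1;
    char *buf = malloc(PATH_CAP + GUARD);
    if (!buf)
        return (size_t)-1;
    memset(buf + PATH_CAP, 0xAA, GUARD);
    buf[0] = '\0';
    for (int i = 0; i < depth; i++)
        append_unsafe(buf, name);
    size_t clobbered = 0;
    for (size_t i = 0; i < GUARD; i++)
        if ((unsigned char)buf[PATH_CAP + i] != 0xAA)
            clobbered++;
    free(buf);
    return clobbered;
}

/* Same descent with the hardened appender: returns how many levels were
 * accepted before the bounds check refused the next one. */
static int levels_accepted(const char *name, int depth, size_t cap)
{
    char *buf = calloc(cap, 1);
    if (!buf)
        return -1;
    int ok = 0;
    while (ok < depth && append_safe(buf, cap, name) == 0)
        ok++;
    free(buf);
    return ok;
}

/* Smallest nesting depth at which that many components of `name_len` bytes,
 * each followed by '/', plus the terminator no longer fit in `cap` bytes. */
static int depth_to_overflow(size_t cap, size_t name_len)
{
    return (int)((cap - 1) / (name_len + 1)) + 1;
}

int main(void)
{
    char name[31];                 /* constructed 30-byte directory name */
    memset(name, 'A', 30);
    name[30] = '\0';
    printf("unsafe walker, 5 levels of 30-byte names: %zu bytes past the buffer\n",
           overrun_bytes(name, 5));
    printf("safe walker accepted %d levels before refusing\n",
           levels_accepted(name, 5, PATH_CAP));
    printf("with a 4096-byte buffer and 255-byte names the overflow needs depth %d\n",
           depth_to_overflow(4096, 255));
    return 0;
}
```

The point to take from the model is that the danger is cumulative: no single directory name needs to exceed the buffer, only the concatenated path of the whole nesting chain, which is why a local user who can create directories under a path that a privileged backup job archives controls the length. The hardened appender fails closed (the entry is refused and can be reported) instead of silently overwriting whatever follows the buffer.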
SOLUTION:
Do not compress untrusted directories or use another product.
PROVIDED AND/OR DISCOVERED BY:
HexView
ORIGINAL ADVISORY:
http://www.hexview.com/docs/20041103-1.txt
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------