Family: Debian Local Security Checks --> Category: infos
[DSA344] DSA-344-2 unzip Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
A directory traversal vulnerability in UnZip 5.50 allows attackers to
bypass a check for relative pathnames ("../") by placing certain invalid
characters between the two "." characters. The fix which was
implemented in DSA-344-1 may not have protected against all methods of
exploiting this vulnerability.
For the stable distribution (woody) this problem has been fixed in
For the unstable distribution (sid) this problem has been fixed in
We recommend that you update your unzip package.
Solution: http://www.debian.org/security/2003/dsa-344
Threat Level: High