Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:118: perl-Archive-Zip Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the perl-Archive-Zip package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:118 (perl-Archive-Zip).
Recently, it was noticed that several antivirus programs miss viruses that are
contained in ZIP archives with manipulated directory data. The global archive
directory of these ZIP file have been manipulated to indicate zero file sizes.
Archive::Zip produces files of zero length when decompressing this type of ZIP
file. This causes AV products that use Archive::ZIP to fail to detect viruses
in manipulated ZIP archives. One of these products is amavisd-new.
The updated packages are patched to fix this problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:118
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.