Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:050: unzip Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the unzip package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:050 (unzip).
A buffer overflow was foiund in how unzip handles file name arguments. If a
user could tricked into processing a specially crafted, excessively long file
name with unzip, a possible hacker could execute arbitrary code with the user's
rights. The updated packages have been patched to address this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:050
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.