|
Family: Debian Local Security Checks --> Category: infos
[DSA344] DSA-344-2 unzip Vulnerability Scan
Vulnerability Scan Summary DSA-344-2 unzip
Detailed Explanation for this Vulnerability Test
A directory traversal vulnerability in UnZip 5.50 allows attackers to
bypass a check for relative pathnames ("../") by placing certain invalid
characters between the two "." characters. The fix which was
implemented in DSA-344-1 may not have protected against all methods of
exploiting this vulnerability.
For the stable distribution (woody) this problem has been fixed in
version 5.50-1woody2.
For the unstable distribution (sid) this problem has been fixed in
version 5.50-3.
We recommend that you update your unzip package.
Solution : http://www.debian.org/security/2003/dsa-344
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|