|
Family: Ubuntu Local Security Checks --> Category: infos
USN191-1 : unzip vulnerability Vulnerability Scan
Vulnerability Scan Summary unzip vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote package "unzip" is missing a security patch.
Description :
Imran Ghory found a race condition in the handling of output files.
While a file was unpacked by unzip, a local attacker with write
permissions to the target directory could exploit this to change the
permissions of arbitrary files of the unzip user.
Solution :
Upgrade to :
- unzip-5.51-2ubuntu1.2 (Ubuntu 5.04)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|