aru Posted February 28, 2006 Report Share Posted February 28, 2006 Mandriva Advisories MDKSA-2006:050 : unzip Updated unzip packages fix vulnerabilities February 27th, 2006 A buffer overflow was foiund in how unzip handles file name arguments. If a user could tricked into processing a specially crafted, excessively long file name with unzip, an attacker could execute arbitrary code with the user's privileges. The updated packages have been patched to address this issue. The released versions of Mandriva GNU/Linux affected are: CS3.0 MNF2.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:050 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4667 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts