Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA1012] DSA-1012-1 unzip


Vulnerability Assessment Details

[DSA1012] DSA-1012-1 unzip

Vulnerability Assessment Summary
DSA-1012-1 unzip

Detailed Explanation for this Vulnerability Assessment

A buffer overflow in the command line argument parsing has been
discovered in unzip, the de-archiver for ZIP files, that could lead to
the execution of arbitrary code.
For the old stable distribution (woody) this problem has been fixed in
version 5.50-1woody6.
For the stable distribution (sarge) this problem has been fixed in
version 5.52-1sarge4.
For the unstable distribution (sid) this problem has been fixed in
version 5.52-7.
We recommend that you upgrade your unzip package.


Solution : http://www.debian.org/security/2006/dsa-1012
Network Security Threat Level: High

Networks Security ID: 15968

Vulnerability Assessment Copyright: This script is (C) 2007 Michel Arboi

Cables, Connectors

Micrologic Corporation Server Rack 2 Door (White) 40X33X24
$150.0
Micrologic Corporation Server Rack 2 Door (White) 40X33X24 pictureSupermicro server Larger hard drive caddy 5.25" - 01-01-742505-XXA Type 2 Opened
$3.99
Supermicro server Larger hard drive caddy 5.25Dell Poweredge R610 Server 2x 6C 2.5GHZ 48GB 2x 450GB & 4x 1.2TB *Windows 2012*
$349.99
Dell Poweredge R610 Server 2x 6C 2.5GHZ 48GB 2x 450GB & 4x 1.2TB *Windows 2012* pictureVintage 3COM EtherLink EtherCD Version 1.1 for CR990 Client & Server NIC, CD
$0.99
Vintage 3COM EtherLink EtherCD Version 1.1 for CR990 Client & Server NIC, CD picture


Discussions

No Discussions have been posted on this vulnerability.