Zile file.c Symlink Arbitrary File Manipulation

2005-02-12T15:12:21
ID OSVDB:14066
Type osvdb
Reporter OSVDB
Modified 2005-02-12T15:12:21

Description

Solution Description

Upgrade to version 2.0.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://zile.sourceforge.net Vendor Specific News/Changelog Entry: http://cvs.sourceforge.net/viewcvs.py/zile/zile/src/file.c?rev=1.67&view=markup Mail List Post: http://archives.neohapsis.com/archives/apps/freshmeat/2005-02/0002.html