UnZip Extracted File setuid/setgid Weakness

2005-02-28T20:04:04
ID OSVDB:14390
Type osvdb
Reporter OSVDB
Modified 2005-02-28T20:04:04

Description

Solution Description

Upgrade to version 5.52 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.info-zip.org/pub/infozip/UnZip.html Secunia Advisory ID:17342 Other Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:197 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-02/0465.html CVE-2005-0602