KGB Archiver Decompression Traversal Arbitrary File Write

2006-04-01T08:47:35
ID OSVDB:24359
Type osvdb
Reporter OSVDB
Modified 2006-04-01T08:47:35

Description

Solution Description

Upgrade to version 1.1.5.22 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://kgbarchiver.sourceforge.net/ Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?group_id=162546&release_id=406411 Secunia Advisory ID:19511 FrSIRT Advisory: ADV-2006-1207 CVE-2006-1611 Bugtraq ID: 17363