1398 matches found
Moderate: Red Hat Security Advisory: unzip security update
Updated unzip packages resolving a vulnerability allowing arbitrary files to be overwritten are now available. Updated 15 August 2003 Ben Laurie found that the original patch to fix this issue missed a case where the path component included a quoted slash. These updated packages contain a new pat...
Moderate: Red Hat Security Advisory: : Updated unzip packages fix trojan vulnerability
Updated unzip packages resolving a vulnerability allowing arbitrary files to be overwritten are now available. Updated 15 August 2003 Ben Laurie found that the original patch to fix this issue missed a case where the path component included a quoted slash. These updated packages contain a new pat...
CVE-2003-0282
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...
DEBIAN-CVE-2003-0282
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...
CVE-2003-0282
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...
CVE-2003-0282
CVE-2003-0282 affects UnZip 5.50 and earlier and is a directory traversal vulnerability where invalid characters placed between two '.' characters are filtered to produce a '..' sequence, allowing overwriting of arbitrary files during archive extraction. Public references in multiple advisories (...
CVE-2003-0282
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...
CVE-2003-0282
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...
unzip directory traversal revisited
unzip directory traversal revisited problem: well I kinda stumbled over this when i was looking for something else A while back some fuss was made over the use of .. sequences in archives because it allows you to craft an archive which will trojan your system on extraction the creators of unzip...
Low: Red Hat Security Advisory: unzip security update
The unzip and tar utilities contain vulnerabilities which can allow arbitrary files to be overwritten during archive extraction. updated Jan 22 2003 Added description of CAN-2002-1216 which was also fixed by these erratum packages. The unzip and tar utilities are used for dealing with archives,...
Low: Red Hat Security Advisory: : : : Updated unzip and tar packages fix vulnerabilities
The unzip and tar utilities contain vulnerabilities which can allow arbitrary files to be overwritten during archive extraction. updated Jan 22 2003 Added description of CAN-2002-1216 which was also fixed by these erratum packages The unzip and tar utilities are used for manipulating archives,...
CVE-2001-1268
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename...
CVE-2001-1269
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' slash character...
CVE-2001-1268
CVE-2001-1268 is a directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier that allows overwriting arbitrary files during archive extraction via a .. in the extracted filename. Connected sources confirm the affected product is UnZip up to version 5.42 and earlier, with the basic issu...
CVE-2001-1269
CVE-2001-1269 affects Info-ZIP UnZip 5.42 and earlier. The vulnerability allows an attacker to overwrite arbitrary files during archive extraction by using filenames that begin with the slash character (/) in the ZIP archive. The issue is rooted in how the extractor handles archive filenames, ena...
CVE-2001-1268
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename...
CVE-2001-1269
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' slash character...
Multiple archivers directory traversal and path globbing
Topic: Directory traversal and path globbing in multiple archivers Author: 3APA3A Affected Software: GNU tar = 1.13.19, Info-Zip UnZip = 5.42, RARSoft rar = 2.02, PKWare pkzipc = 4.00 Not affected: rar 2.80, WinZIP 8.0 Risk: low/average Released: July, 2, 2001 SECURITY.NNOV advisories:...