Gentoo Security Advisory GLSA 200411-16 (zip)

The remote host is missing updates announced in advisory GLSA 200411-16. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200411-16 (zip)

The remote host is missing updates announced in advisory GLSA 200411-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-624-1 : zip - buffer overflow

A buffer overflow has been discovered in zip, the archiver for .zip files. When doing recursive folder compression the program did not check the resulting path length, which would lead to memory being overwritten. A malicious person could convince a user to create an archive containing a speciall...

RHEL 2.1 / 3 : zip (RHSA-2004:634)

An updated zip package that fixes a buffer overflow vulnerability is now available. The zip program is an archiving utility which can create ZIP-compatible archives. A buffer overflow bug has been discovered in zip when handling long file names. An attacker could create a specially crafted path...

CVE-2004-1010

CVE-2004-1010 maps to a buffer overflow in Info-Zip zip (v2.3 and possibly earlier) when recursively creating archives with very long pathnames, enabling remote code execution via a crafted ZIP. Connected advisories (Ubuntu USN-18-1, Debian DSA-624-1, Gentoo GLSA 200411-16, FreeBSD/OpenVAS entrie...