38 matches found
Photon OS 5.0: Unzip PHSA-2024-5.0-0424
An update of the unzip package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0424. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Linux Distros Unpatched Vulnerability : CVE-2014-9636
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - unzip 6.0 allows remote attackers to cause a denial of service out-of-bounds read or write and crash via an extra field with an uncompressed size smaller than t...
CBL Mariner 2.0 Security Update: unzip (CVE-2014-9636)
The version of unzip installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2014-9636 advisory. - unzip 6.0 allows remote attackers to cause a denial of service out-of-bounds read or write and crash via an...
CVE-2014-9636 affecting package unzip for versions less than 6.0-20
CVE-2014-9636 affecting package unzip for versions less than 6.0-20. A patched version of the package is available...
SUSE CVE-2014-9636
unzip 6.0 allows remote attackers to cause a denial of service out-of-bounds read or write and crash via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression...
Ubuntu: Security Advisory (USN-2489-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-9636 affecting package unzip for versions less than 6.0-19
CVE-2014-9636 affecting package unzip for versions less than 6.0-19. A patched version of the package is available...
SUSE: Security Advisory (SUSE-SU-2015:0377-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2978-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-9636 affecting package unzip 6.0-19
CVE-2014-9636 affecting package unzip 6.0-19. A patched version of the package is available...
openSUSE: Security Advisory for unzip (openSUSE-SU-2018:1914-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for unzip (openSUSE-SU-2018:3043-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED12 / SLES12 Security Update : unzip (SUSE-SU-2018:2978-1)
This update for unzip fixes the following security issues : CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption bsc1013993 CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denia...
Security Bulletin: Multiple Unzip vulnerabilities affect PowerKVM (Multiple CVEs)
Summary PowerKVM is affected by several vulnerabilities in OpenSSL. Vulnerability Details CVEID: CVE-2014-8139 DESCRIPTION: Info-ZIP UnZip is vulnerable to a heap-based buffer overflow, caused by improper bounds checking within the CRC32 verification. A lo CVSS Base Score: 4.4 CVSS Temporal Score...
Security Bulletin: Vulnerabilities in unzip affect IBM Security Network Protection (CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, and CVE-2014-9636 )
Summary The unzip utility is used to list, test, or extract files from a zip archive. Security vulnerabilities have been discovered in unzip used with IBM Security Network Protection. Vulnerability Details CVE ID: CVE-2014-8139 DESCRIPTION: Info-ZIP UnZip is vulnerable to a heap-based buffer...
Oracle: Security Advisory (ELSA-2015-0700)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : unzip (SUSE-SU-2015:0355-1)
unzip was updated to fix one security issue. This security issue was fixed : - Out-of-bounds read/write in testcompreb in extract.c CVE-2014-9636. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
Amazon Linux AMI : unzip (ALAS-2015-504)
A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip's '-t' option. CVE-2014-9636 A buffer overflow flaw was found in the way...
Scientific Linux Security Update : unzip on SL6.x, SL7.x i386/x86_64 (20150318)
A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip's '-t' option. CVE-2014-9636 A buffer overflow flaw was found in the way...
OracleVM 3.3 : unzip (OVMSA-2015-0037)
The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2014-9636 CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 Resolves: 1196132 1196120 1196124 1196128 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were...