LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

zip: arbitrary code execution

Package(s):zip CVE #(s):CAN-2004-1010
Created:November 5, 2004 Updated:February 2, 2005
Description: HexView discovered a buffer overflow in the zip package. The overflow is triggered by creating a ZIP archive of files with very long path names. This vulnerability might result in execution of arbitrary code with the privileges of the user who calls zip. This flaw may lead to privilege escalation on systems which automatically create ZIP archives of user supplied files, like backup systems or web applications.
Alerts:
Fedora-Legacy FLSA:2255 2005-02-01
Debian DSA-624-1 2004-01-05
Red Hat RHSA-2004:634-01 2004-12-16
Mandrake MDKSA-2004:141 2004-11-25
Gentoo 200411-16 2004-11-09
Fedora FEDORA-2004-399 2004-11-08
Fedora FEDORA-2004-400 2004-11-08
Ubuntu USN-18-1 2004-11-05
(Log in to post comments)

Re: zip: arbitrary code execution

Posted Nov 15, 2004 21:31 UTC (Mon) by roelofs (guest, #2599) [Link]

A proposed patch, based on one by Josh Bressers of Red Hat, is available. The Unix part is pretty solid, but it could use some testing on the other 13 or 14 potentially affected platforms.

Greg

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds