LWN.net Logo

Advertisement

TrustCommerce

E-Commerce & credit card processing - the Open Source way!

Advertise here

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for July 2, 2009

RealtimeKit and the audio problem

VFAT patent avoidance and patent workarounds

LWN.net Weekly Edition for June 25, 2009

Apache attacked by a "slow loris"

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

unzip: directory traversal vulnerability

Package(s):unzip CVE #(s):CAN-2003-0282
Created:July 1, 2003 Updated:November 13, 2003
Description: A vulnerabilitiy in unzip version 5.50 and earlier allows attackers to overwrite arbitrary files during archive extraction by placing invalid (non-printable) characters between two "." characters. These non-printable characters are filtered, resulting in a ".." sequence. See the full advisory for further information.
Alerts:
SCO Group CSSA-2003-031.0 2003-11-07
Debian DSA-344-2 2003-08-26
Slackware SSA:2003-237-01 2003-08-25
Mandrake MDKSA-2003:073-1 2003-08-19
Conectiva CLA-2003:724 2003-08-18
Red Hat RHSA-2003:199-02 2003-08-15
Yellow Dog YDU-20030710-1 2003-07-10
Gentoo 200307-02 2003-07-11
OpenPKG OpenPKG-SA-2003.033 2003-07-10
Debian DSA-344-1 2003-07-08
Mandrake MDKSA-2003:073 2003-07-07
Conectiva CLA-2003:672 2003-07-02
Immunix IMNX-2003-7+-017-01 2003-07-02
Red Hat RHSA-2003:199-01 2003-07-01
(Log in to post comments)

Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds