MDKSA-2002:065
- Package name
- unzip
- Date
- 2002-10-10
- Advisory ID
- MDKSA-2002:065
- Affected versions
- 8.1 i586 , SNF7.2 i586 , CS1.0 i586 , 8.1 i586 , 8.0 i586 , 8.2 i586 , 8.0 i586 , 8.2 i586 , 7.1 i586 , 7.2 i586
Problem description
A directory traversal vulnerability was discovered in unzip version 5.42 and earlier that allows attackers to overwrite arbitrary files during extraction of the archive by using a ".." (dot dot) in an extracted filename, as well as prefixing filenames in the archive with "/" (slash).
Updated packages
8.1 i586
5effdffc706442ddd5ef933b139805bc ia64/8.1/RPMS/unzip-5.50-2.1mdk.ia64.rpm af61004cadf81c51aee95ceaa0f66d17 ia64/8.1/SRPMS/unzip-5.50-2.1mdk.src.rpm
SNF7.2 i586
ab909f58fa8b6cac86bfc95813035579 snf7.2/RPMS/unzip-5.50-2.1mdk.i586.rpm af61004cadf81c51aee95ceaa0f66d17 snf7.2/SRPMS/unzip-5.50-2.1mdk.src.rpm
CS1.0 i586
ab909f58fa8b6cac86bfc95813035579 1.0.1/RPMS/unzip-5.50-2.1mdk.i586.rpm af61004cadf81c51aee95ceaa0f66d17 1.0.1/SRPMS/unzip-5.50-2.1mdk.src.rpm
8.1 i586
9c684644594628a09247ada42a566185 8.1/RPMS/unzip-5.50-2.1mdk.i586.rpm af61004cadf81c51aee95ceaa0f66d17 8.1/SRPMS/unzip-5.50-2.1mdk.src.rpm
8.0 i586
d70fef1d9a8c1ff7eccff62e283d1992 8.0/RPMS/unzip-5.50-2.1mdk.i586.rpm af61004cadf81c51aee95ceaa0f66d17 8.0/SRPMS/unzip-5.50-2.1mdk.src.rpm
8.2 i586
33bf02cef205d3b4d4e66c49618a67cf 8.2/RPMS/unzip-5.50-2.1mdk.i586.rpm af61004cadf81c51aee95ceaa0f66d17 8.2/SRPMS/unzip-5.50-2.1mdk.src.rpm
8.0 i586
5e8d9366e92efd764e8f08f394b0fe60 ppc/8.0/RPMS/unzip-5.50-2.1mdk.ppc.rpm af61004cadf81c51aee95ceaa0f66d17 ppc/8.0/SRPMS/unzip-5.50-2.1mdk.src.rpm
8.2 i586
0f1c77bf8ab5ef1399eb906c98e2b269 ppc/8.2/RPMS/unzip-5.50-2.1mdk.ppc.rpm af61004cadf81c51aee95ceaa0f66d17 ppc/8.2/SRPMS/unzip-5.50-2.1mdk.src.rpm
7.1 i586
ab909f58fa8b6cac86bfc95813035579 7.1/RPMS/unzip-5.50-2.1mdk.i586.rpm af61004cadf81c51aee95ceaa0f66d17 7.1/SRPMS/unzip-5.50-2.1mdk.src.rpm
7.2 i586
ab909f58fa8b6cac86bfc95813035579 7.2/RPMS/unzip-5.50-2.1mdk.i586.rpm af61004cadf81c51aee95ceaa0f66d17 7.2/SRPMS/unzip-5.50-2.1mdk.src.rpm