Vulnerability Bulletins |
Buffer overflow in the zip command |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Official |
Impact | Gain access |
Difficulty | Advanced |
Required attacker level | Remote access, without an account, to an exotic service |
System information |
|
Property | Value |
Affected manufacturer | GNU/Linux |
Affected software | Info-Zip 2.3 |
Description |
|
A buffer overflow vulnerability has been discovered in the "zip" command used by many Linux systems and some UNIX systems. This vulnerability can be exploited to execute code with the privileges of the user running the "zip" command. The flaw is that the application does not check the length of the resulting path when compressing directories recursively. A malicious user could create situations in which "zip" is made to compress files with very long names, causing a buffer overflow that, in theory, could be leveraged to execute arbitrary code. |
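The defect described above is a missing length check on a path built up level by level during a recursive directory walk. The following is an added illustration, written for this bulletin and not taken from Info-ZIP's source: a path builder with a hypothetical `path_append_checked` / `build_nested_path` pair that refuses to append a component when the joined path (with its NUL terminator) would no longer fit in the caller's fixed-size buffer, leaving the buffer unchanged instead of overflowing it. The `PATH_BUF` size of 64 is a constructed value chosen so the rejection case is easy to reach.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added illustration, not Info-ZIP's code: a path builder that bounds every
 * append against the destination size instead of trusting the input. */

#define PATH_BUF 64   /* constructed small so the failure case is easy to reach */

/* Append "/" + name to the path already held in dest (current length *len).
 * Returns 0 on success; returns -1 and leaves dest and *len unchanged when
 * the result would not fit in destsz bytes, NUL terminator included. */
int path_append_checked(char *dest, size_t destsz, size_t *len, const char *name)
{
    size_t nl, total;
    int need_sep;

    if (dest == NULL || name == NULL || len == NULL || *len >= destsz)
        return -1;

    nl = strlen(name);
    need_sep = (*len > 0 && dest[*len - 1] != '/');
    total = *len + (need_sep ? 1 : 0) + nl;

    if (total + 1 > destsz)
        return -1;                      /* refuse rather than overflow */

    if (need_sep)
        dest[(*len)++] = '/';
    memcpy(dest + *len, name, nl);
    *len += nl;
    dest[*len] = '\0';
    return 0;
}

/* Join a list of nested directory components, the way a recursive traversal
 * extends its working path one level at a time. Returns the number of levels
 * joined, or -1 if any level would have overflowed dest. */
int build_nested_path(char *dest, size_t destsz, const char *const *comps, size_t n)
{
    size_t len = 0, i;

    if (dest == NULL || destsz == 0 || comps == NULL)
        return -1;
    dest[0] = '\0';
    for (i = 0; i < n; i++) {
        if (path_append_checked(dest, destsz, &len, comps[i]) != 0)
            return -1;
    }
    return (int)n;
}

int main(void)
{
    char buf[PATH_BUF];
    /* constructed inputs: a short tree and one whose joined path is 83 bytes */
    const char *ok[] = { "usr", "share", "doc", "zip" };
    const char *deep[] = { "aaaaaaaaaaaaaaaaaaaa", "bbbbbbbbbbbbbbbbbbbb",
                           "cccccccccccccccccccc", "dddddddddddddddddddd" };

    if (build_nested_path(buf, sizeof buf, ok, 4) == 4)
        printf("joined: %s\n", buf);
    if (build_nested_path(buf, sizeof buf, deep, 4) < 0)
        printf("rejected: nested path would exceed %d bytes\n", PATH_BUF);
    return 0;
}
```

The check is done before any byte is written, and the separator is only added once the full append is known to fit, so a rejected component leaves the buffer exactly as it was; a traversal can then log the oversized entry and skip it rather than corrupting its own stack.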
|
Solution |
|
Software update

Mandrake Linux
  Mandrakelinux 9.2
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/zip-2.3-11.1.92mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/zip-2.3-11.1.92mdk.src.rpm
  Mandrakelinux 9.2/AMD64
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/zip-2.3-11.1.92mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/zip-2.3-11.1.92mdk.src.rpm
  Mandrakelinux 10.0
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/zip-2.3-11.1.100mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/zip-2.3-11.1.100mdk.src.rpm
  Mandrakelinux 10.0/AMD64
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/zip-2.3-11.1.100mdk.amd64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/zip-2.3-11.1.100mdk.src.rpm
  Mandrakelinux 10.1
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/zip-2.3-11.1.101mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/zip-2.3-11.1.101mdk.src.rpm
  Mandrakelinux 10.1/X86_64
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/zip-2.3-11.1.101mdk.x86_64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/zip-2.3-11.1.101mdk.src.rpm
  Corporate Server 2.1
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/zip-2.3-9.1.C21mdk.i586.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/zip-2.3-9.1.C21mdk.src.rpm
  Corporate Server 2.1/X86_64
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/zip-2.3-9.1.C21mdk.x86_64.rpm
    ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/zip-2.3-9.1.C21mdk.src.rpm

SUSE Linux
  Download the required patches via YaST or from SUSE's official FTP server.

Red Hat Linux
  Red Hat Desktop (v. 3) & SRPMS: zip-2.3-16.1.src.rpm
  Red Hat Desktop (v. 3) & IA-32: zip-2.3-16.1.i386.rpm
  Red Hat Desktop (v. 3) & x86_64: zip-2.3-16.1.x86_64.rpm
  Red Hat Enterprise Linux AS (v. 2.1) & SRPMS: zip-2.3-10.1.src.rpm
  Red Hat Enterprise Linux AS (v. 2.1) & IA-32: zip-2.3-10.1.i386.rpm
  Red Hat Enterprise Linux AS (v. 2.1) & IA-64: zip-2.3-10.1.ia64.rpm
  Red Hat Enterprise Linux AS (v. 3) & SRPMS: zip-2.3-16.1.src.rpm
  Red Hat Enterprise Linux AS (v. 3) & IA-32: zip-2.3-16.1.i386.rpm
  Red Hat Enterprise Linux AS (v. 3) & IA-64: zip-2.3-16.1.ia64.rpm
  Red Hat Enterprise Linux AS (v. 3) & PPC: zip-2.3-16.1.ppc.rpm
  Red Hat Enterprise Linux AS (v. 3) & s390: zip-2.3-16.1.s390.rpm
  Red Hat Enterprise Linux AS (v. 3) & s390x: zip-2.3-16.1.s390x.rpm
  Red Hat Enterprise Linux AS (v. 3) & x86_64: zip-2.3-16.1.x86_64.rpm
  Red Hat Enterprise Linux ES (v. 2.1) & SRPMS: zip-2.3-10.1.src.rpm
  Red Hat Enterprise Linux ES (v. 2.1) & IA-32: zip-2.3-10.1.i386.rpm
  Red Hat Enterprise Linux ES (v. 3) & SRPMS: zip-2.3-16.1.src.rpm
  Red Hat Enterprise Linux ES (v. 3) & IA-32: zip-2.3-16.1.i386.rpm
  Red Hat Enterprise Linux ES (v. 3) & IA-64: zip-2.3-16.1.ia64.rpm
  Red Hat Enterprise Linux ES (v. 3) & x86_64: zip-2.3-16.1.x86_64.rpm
  Red Hat Enterprise Linux WS (v. 2.1) & SRPMS: zip-2.3-10.1.src.rpm
  Red Hat Enterprise Linux WS (v. 2.1) & IA-32: zip-2.3-10.1.i386.rpm
  Red Hat Enterprise Linux WS (v. 3) & SRPMS: zip-2.3-16.1.src.rpm
  Red Hat Enterprise Linux WS (v. 3) & IA-32: zip-2.3-16.1.i386.rpm
  Red Hat Enterprise Linux WS (v. 3) & IA-64: zip-2.3-16.1.ia64.rpm
  Red Hat Enterprise Linux WS (v. 3) & x86_64: zip-2.3-16.1.x86_64.rpm
  Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor & SRPMS: zip-2.3-10.1.src.rpm
  Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor & IA-64: zip-2.3-10.1.ia64.rpm
  https://rhn.redhat.com/

Debian Linux
  Debian Linux 3.0
  Source archives:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2.dsc
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2.diff.gz
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30.orig.tar.gz
  Alpha architecture:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2_alpha.deb
  ARM architecture:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2_arm.deb
  Intel IA-32 architecture:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2_i386.deb
  Intel IA-64 architecture:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2_ia64.deb
  HP Precision architecture:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2_hppa.deb
  Motorola 680x0 architecture:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2_m68k.deb
  Big endian MIPS architecture:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2_mips.deb
  Little endian MIPS architecture:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2_mipsel.deb
  PowerPC architecture:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2_powerpc.deb
  IBM S/390 architecture:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2_s390.deb
  Sun Sparc architecture:
    http://security.debian.org/pool/updates/main/z/zip/zip_2.30-5woody2_sparc.deb |
|
Standard resources |
|
Property | Value |
CVE | CAN-2004-1010 |
BID | |
Other resources |
|
Mandrakesoft Security Advisories (MDKSA-2004:141)
  http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:141
SUSE Security Summary Report SUSE-SR:2004:003
  http://www.suse.de/de/security/2004_03_sr.html
Red Hat Linux Security Advisory (RHSA-2004:634-08)
  https://rhn.redhat.com/errata/RHSA-2004-634.html
Debian Security Advisory DSA 624-1
  http://www.debian.org/security/2005/dsa-624 |
Version history |
|
Version | Comments | Date |
1.0 | Advisory issued | 2004-11-26 |
1.1 | Advisory issued by SUSE Linux (SUSE-SR:2004:003) | 2004-12-10 |
1.2 | Advisory issued by Red Hat Linux (RHSA-2004:634-08) | 2004-12-17 |
1.3 | Advisory issued by Debian Linux (DSA 624-1) | 2005-01-07 |