CVE-2005-4667 – Info-ZIP UnZip 5.x - File Name Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-4667
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs. • https://www.exploit-db.com/exploits/26913 http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0930.html http://secunia.com/advisories/25098 http://www.debian.org/security/2006/dsa-1012 http://www.info-zip.org/FAQ.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:050 http://www.osvdb.org/22400 http://www.redhat.com/support/errata/RHSA-2007-0203.html http://www.securityfocus.com/archive/1/430300/100/0/threaded http://www.securityfocus.com/bid • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-2475
https://notcve.org/view.php?id=CVE-2005-2475
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete. Race condition en Unzip 5.52 permite que usuarios locales modifiquen permisos de ficheros arbitrarios mediante un ataque a un fichero que se esté descomprimiendo (cuyos permisos serán cambiados por Unzip después de que la descompresión se complete). • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.39/SCOSA-2005.39.txt http://marc.info/?l=bugtraq&m=112300046224117&w=2 http://secunia.com/advisories/16309 http://secunia.com/advisories/16985 http://secunia.com/advisories/17006 http://secunia.com/advisories/17045 http://secunia.com/advisories/17342 http://secunia.com/advisories/17653 http://secunia.com/advisories/25098 http://securityreason.com/securityalert/32 http://www.debian.org/security/2005/dsa-903 http:/ •
CVE-2005-0602
https://notcve.org/view.php?id=CVE-2005-0602
Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges. • http://marc.info/?l=bugtraq&m=110960796331943&w=2 http://secunia.com/advisories/17045 http://secunia.com/advisories/17342 http://secunia.com/advisories/27684 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103150-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200844-1 http://www.info-zip.org/FAQ.html http://www.mandriva.com/security/advisories?name=MDKSA-2005:197 http://www.securityfocus.com/bid/14447 http://www.trustix.org/errata/2005/0053 •
CVE-2003-0282 – Info-ZIP UnZip 5.50 - Encoded Character Hostile Destination Path
https://notcve.org/view.php?id=CVE-2003-0282
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence. Vulnerabilidad de atravesamiento de directorios en UnZip 5.50, permite a atacantes sobreescribir ficheros arbitrarios mediante caracteres no válidos entre dos . (punto), lo cuales son filtrados y resulta una secuencia '..' • https://www.exploit-db.com/exploits/22584 ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-031.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000672 http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-017-01 http://marc.info/?l=bugtraq&m=105259038503175&w=2 http://marc.info/?l=bugtraq&m=105786446329347&w=2 http://www.ciac.org/ciac/bulletins/n-111.shtml http://www.debian.org/security/2003/dsa-344 http://www.info •
CVE-2001-1269
https://notcve.org/view.php?id=CVE-2001-1269
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character. • http://online.securityfocus.com/archive/1/196445 http://sunsolve.sun.com/search/document.do?assetkey=1-26-47800-1 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000928.1-1 http://www.info-zip.org/pub/infozip/UnZip.html https://access.redhat.com/security/cve/CVE-2001-1269 https://bugzilla.redhat.com/show_bug.cgi?id=1616658 •