LinuxSecurity.com 		Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
How would you rate the importance of default settings in security?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
Emily Ratliff: OS Security
DanWalsh LiveJournal
Security Bloggers Network
Latest Newsletters
Linux Advisory Watch: May 16th, 2008
Linux Security Week: May 13th, 2008
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu: unzip vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu Tavis Ormandy discovered that unzip did not correctly clean up pointers. If a user or automated service was tricked into processing a specially crafted ZIP archive, a remote attacker could execute arbitrary code with user privileges. 
=========================================================== 
Ubuntu Security Notice USN-589-1             March 20, 2008
unzip vulnerability
CVE-2008-0888
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  unzip                           5.52-6ubuntu4.1

Ubuntu 6.10:
  unzip                           5.52-8ubuntu1.1

Ubuntu 7.04:
  unzip                           5.52-9ubuntu3.1

Ubuntu 7.10:
  unzip                           5.52-10ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Tavis Ormandy discovered that unzip did not correctly clean up pointers.
If a user or automated service was tricked into processing a specially
crafted ZIP archive, a remote attacker could execute arbitrary code with
user privileges.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-6ubuntu4.1.diff.gz
      Size/MD5:    12788 c944a77823f756df4f6f1352028c51ba
    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-6ubuntu4.1.dsc
      Size/MD5:      535 05a4c713cd2bc201d7fec5dd0f1807ce
    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52.orig.tar.gz
      Size/MD5:  1140291 9d23919999d6eac9217d1f41472034a9

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-6ubuntu4.1_amd64.deb
      Size/MD5:   161102 b975bb72efc3b8b8a7355011090a76d3

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-6ubuntu4.1_i386.deb
      Size/MD5:   147240 7470f2fa04517e0b5b601f69db54ac84

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-6ubuntu4.1_powerpc.deb
      Size/MD5:   165218 a6b0dc720809d80d31e809492056eee0

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-6ubuntu4.1_sparc.deb
      Size/MD5:   164078 552d2029d247f091442e174eae9c3a19

Updated packages for Ubuntu 6.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-8ubuntu1.1.diff.gz
      Size/MD5:    12565 7c86995d3353555020b5072979437d32
    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-8ubuntu1.1.dsc
      Size/MD5:      535 942549c5fc2654810ecece441c702ed7
    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52.orig.tar.gz
      Size/MD5:  1140291 9d23919999d6eac9217d1f41472034a9

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-8ubuntu1.1_amd64.deb
      Size/MD5:   164316 1fba1ee7c30fbd2572c49d55938eac54

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-8ubuntu1.1_i386.deb
      Size/MD5:   151466 20e48a45fad384a8310ce970c00903b2

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-8ubuntu1.1_powerpc.deb
      Size/MD5:   165248 c9f333ffc8b3ea28bd5882c6f683d200

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-8ubuntu1.1_sparc.deb
      Size/MD5:   163544 b9cf45c1b44e808e6f4bc28a0e462ba5

Updated packages for Ubuntu 7.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-9ubuntu3.1.diff.gz
      Size/MD5:    91922 4ab4fa170cfb1009969476118e6c5ea0
    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-9ubuntu3.1.dsc
      Size/MD5:      619 721b61d3b81b58e01eab7e4d75ec0616
    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52.orig.tar.gz
      Size/MD5:  1140291 9d23919999d6eac9217d1f41472034a9

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-9ubuntu3.1_amd64.deb
      Size/MD5:   167272 1b0f7e30281083c3c1f7ee7ea1edbff4

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-9ubuntu3.1_i386.deb
      Size/MD5:   154032 ab6718b23c1cff644082b0126a72a02e

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-9ubuntu3.1_powerpc.deb
      Size/MD5:   169850 b3cf955d0462608841b350435a049f4d

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-9ubuntu3.1_sparc.deb
      Size/MD5:   166698 4a8cfaa0a4f1eb5bd54649a8a770b9fd

Updated packages for Ubuntu 7.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-10ubuntu1.1.diff.gz
      Size/MD5:    92162 9cb570c2efaac04984b2a0742015ea05
    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-10ubuntu1.1.dsc
      Size/MD5:      621 8e761acc5aa550a4c12c32a1c233d992
    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52.orig.tar.gz
      Size/MD5:  1140291 9d23919999d6eac9217d1f41472034a9

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-10ubuntu1.1_amd64.deb
      Size/MD5:   167694 cd72a56dbb1eab868f159b9b822a22c8

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-10ubuntu1.1_i386.deb
      Size/MD5:   154212 be2f160d462a22bd11bf744498e69977

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-10ubuntu1.1_powerpc.deb
      Size/MD5:   169998 630a0893db3e5fee553860240946cb21

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/u/unzip/unzip_5.52-10ubuntu1.1_sparc.deb
      Size/MD5:   166968 88ffce45be1200383a5609f09be92417
 
< Prev   Next >
    
Partner:

 
Latest Features
Review: The Book of Wireless
April 2008 Open Source Tool of the Month: sudo
Open Source Tool of March: ZoneMinder
Meet the Anti-Nmap: PSAD
Open Source Tool of February: Nmap!
HowTo: Secure your Ubuntu Apache Web Server
SSH: Best Practices
Yesterday's Edition
Strong passwords no panacea as SSH Brute-Force Attacks Rise
Tools circulate that crack Debian, Ubuntu keys

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
  Security Projects ,   Latest News ,  Newsletters ,  SELinux ,  Privacy ,  Home,
 Hardening ,   About Us,   Advertise,   Legal Notice,   RSS,   Guardian Digital

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.