USN-248-1: unzip vulnerability
15 February 2006
unzip vulnerability
Releases
Details
A buffer overflow was discovered in the handling of file name
arguments. By tricking a user or automated system into processing a
specially crafted, excessively long file name with unzip, an attacker
could exploit this to execute arbitrary code with the user's
privileges.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 5.10
-
unzip
-
Ubuntu 5.04
-
unzip
-
Ubuntu 4.10
-
unzip
-
In general, a standard system update will make all the necessary changes.