Cybersecurity threats 2014: Buffer Overflow vulnerability in Info-Zip utility

Posted: November 19, 2014 in Vulnerability News
Tags: , , ,

Vulnerabilities 2014Buffer Overflow vulnerability in Info-Zip utility

A local user can elevate their privileges on the target system.

Danger level: Low
Availability fixes: Yes
Number of vulnerabilities: 1
CVSSv2 Rating: (AV: L / AC: M / Au: N / C: C / I: C / A: C / E: U / RL: O / RC: C) = Base: 6.9 / Temporal: 5.1
CVE ID: CVE-2004-1010

Vector of operation: Local
Impact: Privilege escalation (Buffer Overflow)

Privilege escalation

Affected Products: Info-ZIP Zip 2.x in Sun Solaris
Affected versions: Info-Zip 2.3 for Linux, Solaris 10.x, possibly other versions

Info-Zip

Description:
The vulnerability allows local users to gain escalated privileges on the target system.

[CVE-2004-1010] The vulnerability is caused due to an integer overflow error in the exercise of memory recursive compression of directories containing “zip”. A local user can cause a buffer overflow and execute arbitrary code with the privileges of the user requesting to “zip” (privileges are also dependent on the type of the file system).

Note: In some cases, arbitrary code execution can be carried out remotely, but, for this, requires  that the Info-Zip would be used in combination with other applications that support remote connections and recursive compression.

Solution: Install the latest version from the manufacturer.

References:
https://blogs.oracle.com/sunsecurity/entry/cve_2004_1010_buffer_overflow
http://www.hexview.com/docs/20041103-1.txt


Oracle Solaris logoManufacturer URL:

http://www.sun.com/software/solaris/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s