cancel
Showing results for 
Search instead for 
Did you mean: 

Linux: Trojan Vulnerability in unzip Utility

N/A

Linux: Trojan Vulnerability in unzip Utility

Yesterday, on another thread here, several people were discussing "trojans". As chance would have it, today I've received a warning message from Red Hat Linux advising me to update the unzip utility in order to fix a vulnerability in relation to trojans.

"How can something like unzip possibly have anything to do with trojans?" you might ask.

Read on!

Summary:
Updated unzip packages fix trojan vulnerability

Updated unzip packages resolving a vulnerability allowing arbitrary files to be overwritten are now available.

Description:
The unzip utility is used for manipulating archives, which are multiple files stored inside of a single file.

A vulnerabilitiy in unzip version 5.50 and earlier allows attackers to overwrite arbitrary files during archive extraction by placing invalid (non-printable) characters between two "." characters. These non-printable characters are filtered, resulting in a ".." sequence. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0282 to this issue.

This erratum includes a patch ensuring that non-printable characters do not make it possible for a malicious .zip file to write to parent directories unless the "-:" command line parameter is specified.

Users of unzip are advised to upgrade to these updated packages, which are not vulnerable to this issue.

*****

On its website, Red Hat shows this vulnerability affects all of its Linux distributions from 7.1 up to and including the present 9.0.[/url]. It's very likely that other Linux distributions are also affected, and Windows users would be well-advised to consider the possibility of a similar weakness in unzip tools on their systems.