Note: This is an archival copy of Security Sun Alert 201243 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000928.1.
Date of Workaround Release
Date of Resolved Release
A local unprivileged user may be able to gain unauthorized root access and/or overwrite any file on the system if a privileged user extracts a tar or zip archive which contains a ".." (dot dot) in the filename.
For more information see:
This issue can occur in the following releases:
Note: Sun Linux 5.0 is currently shipped with the Sun LX50 Server.
There are no reliable symptoms that would show the described issue has been exploited to gain unauthorized root access to a system.
Verify zip or tar archives by listing their contents with the following options:
tar -tvf <tarfile>.tar
Or for compressed files:
tar -tvzf <tarfile>.tar.<gz|zip|Z|z>
Or for zip files:
unzip -l <zipfile>.zip
If multiple "../" entries are not present, the archive is safe.
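The listing check above can be scripted. The following is an added example, not part of the original Sun Alert; the function names are hypothetical, and it flags any member whose path has a ".." component, which is stricter than the advisory's wording.

```shell
#!/bin/sh
# Added example: scan archive listings for ".." path components.

# list_members ARCHIVE: print one member name per line (names only).
list_members() {
    case "$1" in
        *.zip)                  unzip -Z1 "$1" ;;   # zipinfo mode, names only
        *.tar.gz|*.tar.Z|*.tar.z) tar -tzf "$1" ;;
        *.tar)                  tar -tf "$1" ;;
        *) echo "unsupported archive type: $1" >&2; return 2 ;;
    esac
}

# dotdot_members: read member names on stdin and print those where ".."
# is a whole path component ("a/../b", "../x", "dir/.."), but not names
# that merely contain two dots ("notes..old"). Always returns 0.
dotdot_members() {
    grep -E '(^|/)\.\.(/|$)' || true
}

# check_archive ARCHIVE: return 0 if no ".." members were listed,
# 1 if any were found (they are printed), 2 if the listing failed.
check_archive() {
    names=$(list_members "$1") || return 2
    bad=$(printf '%s\n' "$names" | dotdot_members)
    if [ -n "$bad" ]; then
        printf '%s\n' "$bad" | sed 's/^/unsafe entry: /'
        return 1
    fi
    return 0
}

# Constructed sample listing (not taken from a real archive).
SAMPLE_LISTING='docs/readme.txt
docs/../../outside.txt
notes..old/file.txt
../../tmp/outside.txt'

# Prints the second and fourth names only.
printf '%s\n' "$SAMPLE_LISTING" | dotdot_members
```

Run check_archive on an archive before a privileged user extracts it, and treat a non-zero return as a reason not to extract.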
This issue is addressed in the following releases:
The above patches are available at: http://sunsolve.sun.com/patches/linux/security.html
The above patches are available at http://sunsolve.sun.com/patches/cobalt/.
Sun Linux 5.0