Note: This is an archival copy of Security Sun Alert 201220 as previously published on http://sunsolve.sun.com. The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000908.1.

Category: Security
Release Phase: Resolved

Sun Cobalt Qube 3 Server
Sun Cobalt RaQ XTR Server
Sun Cobalt RaQ 4 Server
Sun Cobalt RaQ 550 Server

Bug Id: 4886791
Date of Resolved Release: 13-APR-2005

Impact

In Sun Linux 5.0, a directory traversal vulnerability in unzip(1) 5.50 and earlier may allow local users to overwrite arbitrary files during archive extraction.

Note: The unzip(1) utility is used for manipulating archives, which are multiple files stored inside of a single file.

More information on this issue is available at:

Note: Sun Linux 5.0 is currently shipped with the Sun LX50 Server.

Contributing Factors

This issue can occur in the following releases:

Sun Linux Platform
Sun Cobalt Appliances

The unzip(1) package version can be determined by running the following command:

    # rpm -q unzip
    unzip-5.40-2

Symptoms

There are no predictable symptoms that would indicate the described issue has been exploited.

Workaround

To work around the described issue until patches can be applied, disable unzip(1) by removing executable and all other permissions from the unzip(1) file.

To remove the permissions:

    $ chmod 000 /usr/bin/unzip

To restore the permissions:

    $ chmod 755 /usr/bin/unzip

Resolution

This issue is addressed in the following releases:

Sun Linux Platform

Sun Linux patches are available at: http://sunsolve.sun.com/patches/linux/security.html

Sun Cobalt Appliances

Patches for Qube3, RaQ4, RaQ550 and RaQXTR are available at: http://sunsolve.sun.com/cobalt

Modification History

Date: 13-APR-2005
Date: 29-AUG-2003

Attachments

This solution has no attachment
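
The Impact section describes files being overwritten outside the extraction directory; the following is an added example (not part of the original Sun Alert and not Sun's code) of a pre-extraction check that lists archive entries whose names would resolve outside the destination. The destination `/srv/unpack`, the function names and the in-memory sample archive are assumptions constructed for illustration, and the check covers entry names only, not symbolic links.

```python
import io
import posixpath
import zipfile

DEST = "/srv/unpack"  # hypothetical extraction directory (assumption)


def unsafe_entries(archive, dest=DEST):
    """Return (entry name, reason) for each entry that would land outside dest."""
    dest = posixpath.normpath(dest)
    findings = []
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():
            # Treat backslashes as separators so DOS-style names are covered.
            name = info.filename.replace("\\", "/")
            if name.startswith("/") or name[1:2] == ":":
                findings.append((info.filename, "absolute path"))
                continue
            # Resolve the name against dest instead of pattern-matching "..".
            target = posixpath.normpath(posixpath.join(dest, name))
            if target != dest and not target.startswith(dest + "/"):
                findings.append((info.filename, "resolves outside " + dest))
    return findings


def build_sample():
    """Constructed sample archive held in memory; nothing is written to disk."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", b"ok")
        zf.writestr("docs/../notes.txt", b"ok")    # resolves inside dest
        zf.writestr("../../outside.txt", b"x")     # climbs out of dest
        zf.writestr("/tmp/outside.txt", b"x")      # absolute path
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for name, reason in unsafe_entries(build_sample()):
        print(f"REJECT {name!r}: {reason}")
```

An archive for which the function returns a non-empty list should be rejected or extracted only in an isolated directory by an unprivileged account.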