Info-ZIP UnZip Privilege Escalation Vulnerability

Bugtraq ID: 14447
Class: Design Error
CVE: CVE-2005-0602
Remote: No
Local: Yes
Published: Feb 27 2005 12:00AM
Updated: Feb 05 2008 09:26PM
Credit: The original discoverer of this vulnerability is currently unknown.
Vulnerable: Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 10_x86
Sun Solaris 10
Nortel Networks Self-Service Speech Server 0
Nortel Networks Self-Service - CCSS7 0
Nortel Networks Peri Workstation 0
Nortel Networks Peri CTX 0
Nortel Networks Peri Application 0
Nortel Networks Multiservice Switch - MDM 0
Nortel Networks Multiservice Data Manager (Operator Client) 0
Nortel Networks Multiservice Data Manager 0
Nortel Networks Media Processing Server
Nortel Networks Enterprise NMS 0
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Info-ZIP UnZip 5.51
+ Trustix Secure Linux 2.2
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Info-ZIP UnZip 5.50
+ Conectiva Linux 9.0
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG 1.1
+ OpenPKG OpenPKG Current
+ Red Hat Linux 6.2
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ RedHat Linux 7.0 sparc
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
+ Slackware Linux 9.0
+ Slackware Linux -current
+ Sun Linux 5.0.6
Info-ZIP UnZip 5.42
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ Red Hat Linux 6.2
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
+ Sun Linux 5.0
Info-ZIP UnZip 5.41
Info-ZIP UnZip 5.40
Info-ZIP UnZip 5.32
Info-ZIP UnZip 5.31
Info-ZIP UnZip 5.3
Info-ZIP UnZip 5.2
Avaya Interactive Response 1.3
Avaya Interactive Response 3.0
Avaya Interactive Response 2.0
Avaya CMS Server 13.0
Avaya CMS Server 12.0
Avaya CMS Server 14.0
Avaya CMS Server 13.1
Not Vulnerable: Info-ZIP UnZip 5.52
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Trustix Secure Linux 3.0


 

Privacy Statement
Copyright 2010, SecurityFocus