• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Info-ZIP UnZip Privilege Escalation Vulnerability

Bugtraq ID:	14447
Class:	Design Error
CVE:	CVE-2005-0602
Remote:	No
Local:	Yes
Published:	Feb 27 2005 12:00AM
Updated:	Feb 05 2008 09:26PM
Credit:	The original discoverer of this vulnerability is currently unknown.
Vulnerable:	Sun Solaris 9_x86 Sun Solaris 9 Sun Solaris 8_x86 Sun Solaris 8 Sun Solaris 10_x86 Sun Solaris 10 Nortel Networks Self-Service Speech Server 0 Nortel Networks Self-Service - CCSS7 0 Nortel Networks Peri Workstation 0 Nortel Networks Peri CTX 0 Nortel Networks Peri Application 0 Nortel Networks Multiservice Switch - MDM 0 Nortel Networks Multiservice Data Manager (Operator Client) 0 Nortel Networks Multiservice Data Manager 0 Nortel Networks Media Processing Server Nortel Networks Enterprise NMS 0 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Linux Mandrake 2006.0 x86_64 MandrakeSoft Linux Mandrake 2006.0 MandrakeSoft Linux Mandrake 10.2 x86_64 MandrakeSoft Linux Mandrake 10.2 MandrakeSoft Linux Mandrake 10.1 x86_64 MandrakeSoft Linux Mandrake 10.1 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 2.1 x86_64 MandrakeSoft Corporate Server 2.1 Info-ZIP UnZip 5.51 + Trustix Secure Linux 2.2 + Ubuntu Ubuntu Linux 5.0 4 powerpc + Ubuntu Ubuntu Linux 5.0 4 i386 + Ubuntu Ubuntu Linux 5.0 4 amd64 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Info-ZIP UnZip 5.50 + Conectiva Linux 9.0 + Conectiva Linux 8.0 + Conectiva Linux 7.0 + Conectiva Linux 6.0 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Linux Mandrake 9.1 ppc + MandrakeSoft Linux Mandrake 9.1 + MandrakeSoft Linux Mandrake 9.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Multi Network Firewall 2.0 + OpenPKG OpenPKG 1.2 + OpenPKG OpenPKG 1.1 + OpenPKG OpenPKG Current + RedHat Linux 7.2 ia64 + RedHat Linux 7.2 i386 + RedHat Linux 7.2 alpha + RedHat Linux 7.2 + RedHat Linux 7.1 ia64 + RedHat Linux 7.1 i386 + RedHat Linux 7.1 alpha + RedHat Linux 7.1 + RedHat Linux 7.0 sparc + RedHat Linux 7.0 i386 + RedHat Linux 7.0 alpha + RedHat Linux 7.0 + RedHat Linux 6.2 sparc + RedHat Linux 6.2 i386 + RedHat Linux 6.2 alpha + RedHat Linux 6.2 + Slackware Linux 9.0 + Slackware Linux -current + Sun Linux 5.0.6 Info-ZIP UnZip 5.42 + Conectiva Linux 8.0 + Conectiva Linux 7.0 + Conectiva Linux 6.0 + Gentoo Linux 1.4 _rc1 + Gentoo Linux 1.2 + MandrakeSoft Corporate Server 1.0.1 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 + MandrakeSoft Linux Mandrake 7.2 + MandrakeSoft Linux Mandrake 7.1 + MandrakeSoft Single Network Firewall 7.2 + RedHat Linux 7.2 ia64 + RedHat Linux 7.2 i386 + RedHat Linux 7.2 alpha + RedHat Linux 7.2 + RedHat Linux 7.1 ia64 + RedHat Linux 7.1 i386 + RedHat Linux 7.1 alpha + RedHat Linux 7.1 + RedHat Linux 7.0 i386 + RedHat Linux 7.0 alpha + RedHat Linux 7.0 + RedHat Linux 6.2 sparc + RedHat Linux 6.2 i386 + RedHat Linux 6.2 alpha + RedHat Linux 6.2 + Sun Linux 5.0 Info-ZIP UnZip 5.41 Info-ZIP UnZip 5.40 Info-ZIP UnZip 5.32 Info-ZIP UnZip 5.31 Info-ZIP UnZip 5.3 Info-ZIP UnZip 5.2 Avaya Interactive Response 1.3 Avaya Interactive Response 3.0 Avaya Interactive Response 2.0 Avaya CMS Server 13.0 Avaya CMS Server 12.0 Avaya CMS Server 14.0 Avaya CMS Server 13.1
Not Vulnerable:	Info-ZIP UnZip 5.52 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 amd64 + Debian Linux 3.1 alpha + Debian Linux 3.1 + Trustix Secure Linux 3.0