• info
• discussion
• exploit
• solution
• references

Info-ZIP UnZip File Name Buffer Overflow Vulnerability

The following example command will demonstrate this issue:

unzip `perl -e 'print "A" x 50000'`

An exploit by DVDMAN is available:

• /data/vulnerabilities/exploits/unzip-expl.c