• info
• discussion
• exploit
• solution
• references

XSOK GunZip Path Environment Variable Local Command Execution Vulnerability

Solution:
Debian has made fixes available to resolve this issue. See Debian advisory DSA 405-1 for additional details.


xsok xsok 1.0 2

• Debian xsok_1.02-9woody2_alpha.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ alpha.deb


• Debian xsok_1.02-9woody2_arm.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ arm.deb


• Debian xsok_1.02-9woody2_hppa.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ hppa.deb


• Debian xsok_1.02-9woody2_i386.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ i386.deb


• Debian xsok_1.02-9woody2_ia64.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ ia64.deb


• Debian xsok_1.02-9woody2_m68k.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ m68k.deb


• Debian xsok_1.02-9woody2_mips.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ mips.deb


• Debian xsok_1.02-9woody2_mipsel.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ mipsel.deb


• Debian xsok_1.02-9woody2_powerpc.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ powerpc.deb


• Debian xsok_1.02-9woody2_s390.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ s390.deb


• Debian xsok_1.02-9woody2_sparc.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ sparc.deb