Mandrake Linux Security Advisory : perl-Archive-Zip (MDKSA-2004:118)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.

Synopsis :

The remote Mandrake Linux host is missing a security update.

Description :

Recently, it was noticed that several antivirus programs miss viruses
that are contained in ZIP archives with manipulated directory data.
The global archive directory of these ZIP file have been manipulated
to indicate zero file sizes.

Archive::Zip produces files of zero length when decompressing this
type of ZIP file. This causes AV products that use Archive::ZIP to
fail to detect viruses in manipulated ZIP archives. One of these
products is amavisd-new.

The updated packages are patched to fix this problem.

See also :

Solution :

Update the affected perl-Archive-Zip package.

Risk factor :

High / CVSS Base Score : 7.5

Family: Mandriva Local Security Checks

Nessus Plugin ID: 15598 (mandrake_MDKSA-2004-118.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0932

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now