Oracle Linux 6 / 7 : unzip (ELSA-2015-0700)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Oracle Linux host is missing a security update.

Description :

From Red Hat Security Advisory 2015:0700 :

Updated unzip packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 6 and 7.

Red Hat Product Security has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

The unzip utility is used to list, test, or extract files from a zip
archive.

A buffer overflow was found in the way unzip uncompressed certain
extra fields of a file. A specially crafted Zip archive could cause
unzip to crash or, possibly, execute arbitrary code when the archive
was tested with unzip's '-t' option. (CVE-2014-9636)

A buffer overflow flaw was found in the way unzip computed the CRC32
checksum of certain extra fields of a file. A specially crafted Zip
archive could cause unzip to crash when the archive was tested with
unzip's '-t' option. (CVE-2014-8139)

An integer underflow flaw, leading to a buffer overflow, was found in
the way unzip uncompressed certain extra fields of a file. A specially
crafted Zip archive could cause unzip to crash when the archive was
tested with unzip's '-t' option. (CVE-2014-8140)

A buffer overflow flaw was found in the way unzip handled Zip64 files.
A specially crafted Zip archive could possibly cause unzip to crash
when the archive was uncompressed. (CVE-2014-8141)

Red Hat would like to thank oCERT for reporting the CVE-2014-8139,
CVE-2014-8140, and CVE-2014-8141 issues. oCERT acknowledges Michele
Spagnuolo of the Google Security Team as the original reporter of
these issues.

All unzip users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues.

See also :

https://oss.oracle.com/pipermail/el-errata/2015-March/004911.html
https://oss.oracle.com/pipermail/el-errata/2015-March/004912.html

Solution :

Update the affected unzip package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Oracle Linux Local Security Checks

Nessus Plugin ID: 81947 ()

Bugtraq ID:

CVE ID: CVE-2014-8139
CVE-2014-8140
CVE-2014-8141
CVE-2014-9636

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now