Mandrake Linux Security Advisory : unzip (MDKSA-2002:065)
Low Nessus Plugin ID 13966
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA directory traversal vulnerability was discovered in unzip version 5.42 and earlier that allows attackers to overwrite arbitrary files during extraction of the archive by using a '..' (dot dot) in an extracted filename, as well as prefixing filenames in the archive with '/' (slash).
SolutionUpdate the affected unzip package.