Mandrake Linux Security Advisory : perl-Archive-Zip (MDKSA-2004:118)
High Nessus Plugin ID 15598
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionRecently, it was noticed that several antivirus programs miss viruses that are contained in ZIP archives with manipulated directory data.
The global archive directory of these ZIP file have been manipulated to indicate zero file sizes.
Archive::Zip produces files of zero length when decompressing this type of ZIP file. This causes AV products that use Archive::ZIP to fail to detect viruses in manipulated ZIP archives. One of these products is amavisd-new.
The updated packages are patched to fix this problem.
SolutionUpdate the affected perl-Archive-Zip package.