TZipBuilder ZIP File Buffer Overflow Vulnerability
BID:17880
Info
| Bugtraq ID: | 17880 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2006-2161 |
| Remote: | Yes |
| Local: | No |
| Published: | May 08 2006 12:00AM |
| Updated: | May 19 2006 05:48PM |
| Credit: | Tan Chew Keong of Secunia Research disclosed this vulnerability. |
| Vulnerable: | Roger Aelbrecht TZipBuilder 1.79.3 .01; Erik Dienske Abakt 0.9.3 -beta1; Erik Dienske Abakt 0.9.2; CAM Development CAM UnZip 4.3; CAM Development CAM UnZip 4.0 |
| Not Vulnerable: | Roger Aelbrecht TZipBuilder 1.79.4 .00; Erik Dienske Abakt 0.9.3 -RC1; CAM Development CAM UnZip 4.4 |
Discussion
TZipBuilder is susceptible to a buffer-overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
This issue allows attackers to execute arbitrary machine code in the context of users running the affected application.
Version 1.79.03.01 of TZipBuilder is vulnerable to this issue; prior versions may also be affected.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
This issue has been addressed in version 1.79.04.00.
CAM Development CAM UnZip 4.3
- CAM Development CAM UnZip V4.4 http://www.camunzip.com/download.htm
CAM Development CAM UnZip 4.0
- CAM Development CAM UnZip V4.4 http://www.camunzip.com/download.htm
Erik Dienske Abakt 0.9.2
- Erik Dienske abakt-0.9.3-RC1.exe http://www.xs4all.nl/~edienske/abakt/download/abakt-0.9.3-RC1.exe
Erik Dienske Abakt 0.9.3 -beta1
- Erik Dienske abakt-0.9.3-RC1.exe http://www.xs4all.nl/~edienske/abakt/download/abakt-0.9.3-RC1.exe
Roger Aelbrecht TZipBuilder 1.79.3 .01
- Roger Aelbrecht ZipBuilder1790400.zip http://www.drehoeksw.net/downloads/ZipBuilder1790400.zip
References
References:
- Abakt Home Page (Erik Dienske)
- Abakt ZIP File Handling Buffer Overflow Vulnerability (Secunia)
- CAM UnZip (CAM Development)
- Release Notes (Erik Dienske)
- TZipBuilder Home Page (Roger Aelbrecht)
- Secunia Research: TZipBuilder ZIP File Handling Buffer Overflow Vulnerability (Secunia Research)