BID:52658

libzip Multiple Buffer Overflow Vulnerabilities

Info

libzip Multiple Buffer Overflow Vulnerabilities

Bugtraq ID:	52658
Class:	Boundary Condition Error
CVE:	CVE-2012-1162 CVE-2012-1163
Remote:	Yes
Local:	No
Published:	Mar 21 2012 12:00AM
Updated:	Apr 13 2015 09:27PM
Credit:	Vendor reported this issue.
Vulnerable:	Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Linux Mandrake 2010.1 x86_64 Mandriva Linux Mandrake 2010.1 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 libzip libzip 0.10 Gentoo Linux Genki Sugawara Zip/Ruby 0.3.6

Not Vulnerable:	libzip libzip 0.10.1

Discussion

libzip Multiple Buffer Overflow Vulnerabilities

libzip is prone to multiple buffer-overflow vulnerabilities because it fails to properly bounds check user-supplied data.

An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

libzip versions prior to 0.10.1 are vulnerable.

Exploit / POC

libzip Multiple Buffer Overflow Vulnerabilities

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

libzip Multiple Buffer Overflow Vulnerabilities

Solution:
Updates are available. Please see the references for more information.

Mandriva Linux Mandrake 2011 x86_64

Mandriva lib64zip-devel-0.10.1-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva lib64zip2-0.10.1-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva libzip-0.10.1-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva Linux Mandrake 2011

Mandriva libzip-0.10.1-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libzip-devel-0.10.1-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libzip2-0.10.1-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

MandrakeSoft Enterprise Server 5

Mandriva libzip-0.10.1-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libzip-devel-0.10.1-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libzip2-0.10.1-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva Linux Mandrake 2010.1 x86_64

Mandriva lib64zip-devel-0.10.1-0.1mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva lib64zip2-0.10.1-0.1mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva libzip-0.10.1-0.1mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva Linux Mandrake 2010.1

Mandriva libzip-0.10.1-0.1mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libzip-devel-0.10.1-0.1mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libzip2-0.10.1-0.1mdv2010.2.i586.rpm
http://www.mandriva.com/en/downloads/

MandrakeSoft Enterprise Server 5 x86_64

Mandriva lib64zip-devel-0.10.1-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva lib64zip2-0.10.1-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva libzip-0.10.1-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/

References

libzip Multiple Buffer Overflow Vulnerabilities

References:

libzip Homepage (libzip)
libzip: libzip-discuss: libzip-0.10.1 security fix release (Thomas Klausner)
PRE-CERT Security Advisory (Thomas Klausner and Timo Warns)
Zip/Ruby (Genki Sugawara)