Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Gentoo: GLSA-200801-01 Normal: unp Arbitrary Command Execution

gentoo
Calendar Grey January 9, 2008
Dist Gentoo Esm H88
Keep updated on Ubuntu Security Notice USN-2023-01: an issue allows potential privilege escalation, ensure your systems are patched quickly.
unp allows execution of arbitrary code via malicious file names.

Summary

Gentoo Linux Security Advisory GLSA 200801-01 https://security.gentoo.org/ Severity: Normal Title: unp: Arbitrary command execution Date: January 09, 2008 Bugs: #203106 ID: 200801-01

Synopsis ======= unp allows execution of arbitrary code via malicious file names.
Background ========= unp is a script for unpacking various file formats.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-arch/unp < 1.0.14 >= 1.0.14
========== Erich Schubert from Debian discovered that unp does not escape file names properly before passing them to calls of the shell.
Impact ===== A remote attacker could entice a user or automated system to unpack a compressed archive wi...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo command execution normal execution threat

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns


Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/33887_4c9dbbdde36eef04251a4ced7eac4df9 on line 11

Topics%20covered

Topics Covered

security advisory gentoo command execution normal execution threat

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here