WinHKI ZIP directory traversal
winhki-zip-directory-traversal (18798)
Description:
WinHKI could allow a remote attacker to traverse directories on the system. A remote attacker could create a specially-crafted ZIP archive containing "dot dot" sequences (/../) to cause the file to be extracted to an arbitrary location, once the archive is processed by WinAce.
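An added example (not code from this advisory or from WinHKI): a Python check that reports which entry names in a ZIP archive would land outside the extraction directory, evaluated with Windows path rules. The destination `C:\extract`, the function names and the sample archive are assumptions constructed for illustration.

```python
import io
import ntpath
import zipfile


def build_sample_archive() -> bytes:
    """Constructed sample: one ordinary entry and two with dot-dot sequences."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "benign")
        zf.writestr("../../outside.txt", "placeholder")
        zf.writestr("docs/../../sideways.txt", "placeholder")
    return buf.getvalue()


def escapes_destination(entry_name: str, dest: str = r"C:\extract") -> bool:
    """True if extracting entry_name under dest would land outside dest.

    ntpath applies Windows path rules on any host: both / and \\ count as
    separators, and rooted or drive-letter names replace the destination.
    dest is a hypothetical extraction directory.
    """
    root = ntpath.normpath(dest)
    prefix = root.rstrip("\\") + "\\"
    # Resolve the dot-dot sequences first, then compare against the root.
    target = ntpath.normpath(ntpath.join(root, entry_name))
    return not (target == root or target.startswith(prefix))


def audit_archive(data: bytes, dest: str = r"C:\extract"):
    """Split entry names into (safe, rejected) without extracting anything."""
    safe, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            # orig_filename is the name exactly as stored in the archive.
            name = info.orig_filename
            (rejected if escapes_destination(name, dest) else safe).append(name)
    return safe, rejected


if __name__ == "__main__":
    safe, rejected = audit_archive(build_sample_archive())
    print("safe:", safe)
    print("rejected:", rejected)
```

An extractor that refuses every rejected name before writing any file is not affected by entries of this kind.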
Platforms Affected:
- Hanspeter Imp, WinHKI 1.4d
Remedy:
Upgrade to the latest version of WinHKI (1.4f or later), available from the WinHKI Web site. See References.
Consequences:
Obtain Information
References:
- VulnWatch Mailing List, Thu Jan 06 2005 - 02:21:39 CST, WinAce & WinHKI - ZIP File Directory Transversal at http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0015.html.
- WinHKI Web site, WinHKI at http://www.winhki.com/.
- BID-12176: WinHKI Multiple Remote Vulnerabilities
- CVE-2005-0213: Directory traversal vulnerability in WinHKI 1.4d allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a zip file.
- SA13738: WinHKI Archive Extraction Directory Traversal Vulnerability
- SECTRACK ID: 1012798: WinHKI Lets Malicious Archives Create Files in Alternate Locations or Deny Service
Reported:
Jan 06, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
