unace contains a flaw that allows a local or remote attacker to traverse outside of a restricted path. The issue is due to the program not properly sanitizing user input, specifically directory traversal style attacks (e.g. ../../) or absolute paths supplied via the filenames in ACE archives. This directory traversal attack would allow the attacker to create files in arbitrary directories on the system.

Currently, there are no known upgrades or patches to correct this vulnerability for unace. Upgrade to avast! Home/Professional Edition version 4.6.691 or higher, avast! Server Edition version 4.6.489 or higher, or avast! Managed Client version 4.6.394 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• Security Tracker: 1013265 1014544
• Related OSVDB ID: 14058 14059
• Secunia Advisory ID: 14359 15741 15776
• CVE ID: 2005-0161 (see also: NVD) 2005-2384 (see also: NVD)
• Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-02/0476.html
  http://archives.neohapsis.com/archives/fulldisclosure/2005-03/0120.html
• Other Advisory URL: http://secunia.com/secunia_research/2005-20/advisory/
  http://www.novell.com/linux/security/advisories/2005_16_sr.html

• Ulf Harnhammar - Debian Security Audit Project
• Tan Chew Keong - Secunia Research