OSVDB ID: 27491

Title: TurboZIP DZIP32.DLL Zip File Repair Overflow

Info

Dates

Disclosure: Jul 25, 2006
Discovery: Jul 03, 2006
Exploit: Unknown
Solution: Unknown

Description

A local overflow exists in TurboZIP. TurboZIP fails to properly repair a crafted ZIP file archive, resulting in a stack overflow. An attacker who places a long filename (>2048 bytes) in a ZIP archive and tricks someone into opening and repairing that archive can execute arbitrary code.
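A defensive pre-check for the condition described above, as an added example that is not part of the OSVDB entry or the vendor's code: it flags ZIP headers whose declared filename length exceeds 2048 bytes. The function names are hypothetical and the sample archives are constructed in memory.

```python
import io
import struct
import zipfile

LIMIT = 2048  # filename-length threshold taken from the description above
LOCAL_SIG = b"PK\x03\x04"    # local file header; name length at offset 26
CENTRAL_SIG = b"PK\x01\x02"  # central directory header; name length at offset 28


def find_long_names(data, limit=LIMIT):
    """Return sorted (offset, kind, name_length) tuples for every header
    whose declared filename length exceeds `limit`.

    Headers are located by raw signature search rather than through the
    central directory, because an archive handed to a repair feature may
    have a damaged or missing directory.
    """
    hits = []
    for sig, kind, field_off in ((LOCAL_SIG, "local", 26),
                                 (CENTRAL_SIG, "central", 28)):
        pos = data.find(sig)
        while pos != -1:
            # Skip headers truncated before the 16-bit length field.
            if pos + field_off + 2 <= len(data):
                (name_len,) = struct.unpack_from("<H", data, pos + field_off)
                if name_len > limit:
                    hits.append((pos, kind, name_len))
            pos = data.find(sig, pos + 4)
    return sorted(hits)


def build_sample(name_len):
    """Constructed sample: one-entry archive with a name_len-byte filename."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("a" * name_len, b"x")
    return buf.getvalue()


if __name__ == "__main__":
    for n in (12, 2048, 3000):
        print(n, find_long_names(build_sample(n)))
```

A raw signature search can also match bytes inside compressed file data, so a hit is a reason to quarantine the archive for inspection rather than proof that it is malicious.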

Classification

Location: Local Access Required
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Unknown

Solution

Upgrade to the version released on 2006-07-23 (which contains DZIP32.DLL version 5.0.0.8) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

FileStream Inc. TurboZIP 6.0

References

Credit

  • Tan Chew Keong - Vuln.sg


Direct URL: http://osvdb.org/36218