| VID |
28109 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of WinZip which is older than 9.0-SR1 is detected as installed on the host. The WinZip utility is a popular ZIP compression tool for Microsoft Windows platforms. WinZip versions 9.0 and earlier are vulnerable to multiple buffer overflow vulnerabilities, due to insufficient bounds checking when processing zip archives. In addition, a local buffer overflow vulnerability was reported as well. This issue can be triggered through the command line. These vulnerabilities could allow an attacker to execute arbitrary code via multiple vectors, including the command line.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.ciac.org/ciac/bulletins/o-211.shtml
http://www.securitytracker.com/alerts/2004/Sep/1011132.html
* Platforms Affected:
WinZip Computing, Inc., WinZip versions 9.0 and earlier
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of WinZip (9.0 SR-1 or later), available from the WinZip Download Web page at http://www.winzip.com/upgrade.htm |
| Related URL |
CVE-2004-1465 (CVE) |
| Related URL |
11092 (SecurityFocus) |
| Related URL |
17197 (ISS) |
|
