1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: NetZIP Classic ZIP Parsing

Attack: NetZIP Classic ZIP Parsing

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in NetZip Classic.

Additional Information

Netzip Classic is an application used for handling archive files.

Netzip Classic is prone to a buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. Specifically, the issue occurs when parsing specially crafted '.zip' files.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition.

This issue affects Netzip Classic 7.5.1.86; other versions may also be affected.

Affected

  • Netzip Classic 7.5.1.86; other versions may also be affected.

Response

Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of any more recent information, please mail us at: vuldb@securityfocus.com.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube