Exploit the possiblities

Debian Security Advisory 4083-1

Debian Security Advisory 4083-1
Posted Jan 11, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4083-1 - Stephan Zeisberg discovered that poco, a collection of open source C++ class libraries, did not correctly validate file paths in ZIP archives. An attacker could leverage this flaw to create or overwrite arbitrary files.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2017-1000472
MD5 | a45b8d30d6ca7026bed1a8599319f4b9

Debian Security Advisory 4083-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4083-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
January 11, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : poco
CVE ID : CVE-2017-1000472

Stephan Zeisberg discovered that poco, a collection of open source C++
class libraries, did not correctly validate file paths in ZIP
archives. An attacker could leverage this flaw to create or overwrite
arbitrary files.

For the oldstable distribution (jessie), this problem has been fixed
in version 1.3.6p1-5+deb8u1.

For the stable distribution (stretch), this problem has been fixed in
version 1.7.6+dfsg1-5+deb9u1.

We recommend that you upgrade your poco packages.

For the detailed security status of poco please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/poco

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAlpXJZkACgkQEL6Jg/PV
nWQSAAgAyZdKxW5ach7bfDAW9JiPHMAMW5Z32DFgmcEqfmYhFbTa9I3nF6yABjiJ
QTF2eSwmPDua6QzozOI4OGAFfO0aJ4DH70pEuj1B0Ea5CItiMeZXXFiquL6sdjud
OJTt1Iwh5eKRW0iOenQw24QU4Zd6r254MpIYtppdHfVYF45/E08KcTh78yTEpB5a
XR4L23oVQOonytc0GASV/mogfce5bPRMvaGMONQo3d66Dfe5grFFUfO9yrhT47G1
r3eIsMvPWHp6tiCToiZ4nc2/z+o8rp/oBP+y9imvHrZXpsdEjl9DOM0miBrqmzZ6
NOSk3Dywnxm+JPwxJNNf/fm7zbYALw==
=cZI8
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close