Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:11588
HistoryFeb 25, 2006 - 12:00 a.m.

StuffIt and ZipMagic Family of products Directory traversal

2006-02-2500:00:00
vulners.com
12
JSON

StuffIt and ZipMagic Family of products Directory
traversal

The StuffIt and ZipMagic Family of products is
designed to meet any level of compression needs; from
basic expansion to advanced archive manipulation,
to automating routine compression tasks, and even
building compression into a software application. Scan
the list of products below to find just the right
StuffIt for you!
www.stuffit.com

Credit:
The information has been provided by Hamid Ebadi
( Hamid Network Security Team) : [email protected].
The original article can be found at :
http://hamid.ir/security

Vulnerable Systems:
StuffIt Standard® 9.0
StuffIt Deluxe® 9.0
ZipMagic Deluxe® 9.0
StuffIt Expander
(9.0.0.21 Engine 9.0.0.21)

Detail :
Directory traversal while extracting (TAR),(ZIP)

What is Directory traversal in archivers?

that allowed one to create malicous archive files,
which would overwrite system files or place dangerous
files in defined directory(example :shell.php in
wwwroot directory)
This could be abused by sending an archive to a local
user who would unzip / untar an archive, the archive
would then be able to overwrite any file to which the
user has write permissions, thus it could also be
abused if a system ran som antivirus software which
automatically opened archive files.

harmless exploit:
use HEAP [Hamid Evil Archive Pack]
you can find it from Hamid Network Security Team:

http://www.hamid.ir/tools/

want to know more ?
http://www.hamid.ir/paper

Signature

Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

JSON