Test ID:	1.3.6.1.4.1.25623.1.0.56464
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1012-1)
Summary:	The remote host is missing an update for the Debian 'unzip' package(s) announced via the DSA-1012-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'unzip' package(s) announced via the DSA-1012-1 advisory. Vulnerability Insight: A buffer overflow in the command line argument parsing has been discovered in unzip, the de-archiver for ZIP files, that could lead to the execution of arbitrary code. For the old stable distribution (woody) this problem has been fixed in version 5.50-1woody6. For the stable distribution (sarge) this problem has been fixed in version 5.52-1sarge4. For the unstable distribution (sid) this problem has been fixed in version 5.52-7. We recommend that you upgrade your unzip package. Affected Software/OS: 'unzip' package(s) on Debian 3.0, Debian 3.1. Solution: Please install the updated package(s). CVSS Score: 3.7 CVSS Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-4667 BugTraq ID: 15968 http://www.securityfocus.com/bid/15968 Debian Security Information: DSA-1012 (Google Search) http://www.debian.org/security/2006/dsa-1012 http://www.securityfocus.com/archive/1/430300/100/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0930.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:050 http://www.osvdb.org/22400 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11252 http://www.redhat.com/support/errata/RHSA-2007-0203.html http://secunia.com/advisories/25098 http://www.trustix.org/errata/2006/0006 https://usn.ubuntu.com/248-1/ https://usn.ubuntu.com/248-2/
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.