unzip directory traversal revisited problem: well I kinda stumbled over this when i was looking for something else A while back some fuss was made over the use of .. sequences in archives because it allows you to craft an archive which will trojan your system on extraction the creators of unzip fixed this but apperently didn't cover all bases when an archive contains a file like ../JELMER.TXT it will skip it and print out a message like this jelmer.zip warning: skipped "../" path component(s) in jelmer.zip inflating: JELMER.TXT however when i call it . \003 ./JELMER.txt it extracts it just fine or \001 etc unzip jelmer.zip Archive: jelmer.zip extracting: ../JELMER.TXT as it basicly ignores these characters example: i attached a zip file that illustrates the problem it was hacked up using a hex editor vendor status: i just emailed Zip-Bugsat_private tested on : UnZip 5.50 on a gentoo linux and freebsd
This archive was generated by hypermail 2b30 : Sat May 10 2003 - 11:46:46 PDT