The Data Compression News Blog

All about the most recent compression techniques, algorithms, patents, products, tools and events.

GNU GZip Filename Directory Traversal Vulnerability

Posted by Sachin Garg on 12th July 2005

Ulf Harnhammar has reported a bug in GNU GZip. The issue manifests when gunzip is invoked on a malicious archive with the ‘-N’ switch. If the filename stored in the archive is an absolute path containing ‘/’ characters, the file is written to the absolute path contained in that filename. A remote attacker may leverage this issue using a malicious archive to corrupt arbitrary files with the privileges of the user running the vulnerable software.

More info on both the exploit and the solution is available.

Bugtraq ID: 13290
CVE: CAN-2005-1228

After the recent Zlib buffer overflow mess, this seems like a tough week for compression guys.
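As an added illustration (not part of the original post and not gzip's own code), the sketch below reads the embedded original-name field (FNAME, per RFC 1952) that ‘-N’ honours and reduces it to its last path component before it would be used as an output name. The function names, the fallback name and the sample archive are assumptions constructed for this example.

```python
import struct
import zlib

FEXTRA, FNAME = 0x04, 0x08  # RFC 1952 FLG bits used here

def embedded_name(data: bytes):
    """Return the FNAME field of the first gzip member, or None if absent."""
    if len(data) < 10 or data[:2] != b"\x1f\x8b" or data[2] != 8:
        raise ValueError("not a deflate gzip stream")
    flags, pos = data[3], 10  # fixed header is 10 bytes
    if flags & FEXTRA:  # skip the optional extra field (2-byte LE length)
        if pos + 2 > len(data):
            raise ValueError("truncated FEXTRA")
        (xlen,) = struct.unpack_from("<H", data, pos)
        pos += 2 + xlen
    if not flags & FNAME:
        return None
    end = data.find(b"\x00", pos)
    if end < 0:
        raise ValueError("unterminated FNAME")
    return data[pos:end].decode("latin-1")  # RFC 1952: ISO 8859-1

def safe_output_name(name, fallback):
    """Keep only the last path component of an embedded name.

    Falls back to a caller-chosen name when nothing usable remains.
    """
    base = name.replace("\\", "/").split("/")[-1] if name else ""
    if base in ("", ".", ".."):
        return fallback
    return base

def make_gzip(payload: bytes, fname: bytes) -> bytes:
    """Build a constructed one-member gzip file carrying the given FNAME."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)  # raw deflate body
    body = comp.compress(payload) + comp.flush()
    # ID1 ID2 CM FLG, MTIME=0, XFL=0, OS=255 (unknown)
    header = b"\x1f\x8b\x08" + bytes([FNAME]) + b"\x00" * 4 + b"\x00\xff"
    trailer = struct.pack("<II", zlib.crc32(payload), len(payload) & 0xFFFFFFFF)
    return header + fname + b"\x00" + body + trailer

if __name__ == "__main__":
    # Constructed sample: the stored name is an absolute path.
    sample = make_gzip(b"hello\n", b"/tmp/constructed/target.txt")
    name = embedded_name(sample)
    print(repr(name), "->", safe_output_name(name, "sample.out"))
```

Running the same check over an archive before using ‘-N’ shows whether the stored name carries any directory component at all.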

2 Responses to “GNU GZip Filename Directory Traversal Vulnerability”

  1. Mark Adler Says:

    Odd. That’s exactly what gzip is supposed to do, and what’s more, you have to explicitly ask gzip to use the embedded name. If there is a security issue here, it seems like it is a user issue. As far as I know, it is not possible to enforce secure users. :-)

  2. Sachin Garg Says:

    But the advisory even mentioned that a newer version (1.3.5-r6?) had this issue fixed… as far as I know JL Gailly doesn't show up in the community anymore and you are the one maintaining it.
