Name		Name	Last commit message	Last commit date
parent directory ..
README.md		README.md
alzgen.pl		alzgen.pl

README.md

CVE-2005-3862

Experiment Environment

CentOS 6.4

Ubuntu 14.04

INSTALL & Configuration

wget https://github.com/mudongliang/source-packages/raw/master/CVE-2005-3862/unalz-0.52.tgz 

tar -xvf unalz-0.52.tgz
cd unalz

make linux-utf8

Problems in Installation & Configuration

add the following header files in UnAlz.h

#include <stdlib.h>
#include <string.h>

How to trigger vulnerability

perl alzgen.pl 25600 test
./unalz/unalz test

PoCs

Unalz 0.x - Archive Filename Buffer Overflow

securityfocus

Vulnerability Details & Patch

Root Cause

UnAlz.cpp:427

        strncpy(inbuf, zipHeader.fileName, size);

Stack Trace

(gdb) info stack
#0  UNALZ::CUnAlz::ReadLocalFileheader (this=0x55555555) at UnAlz.cpp:428
#1  0x55555555 in ?? ()
#2  0x55555555 in ?? ()
#3  0x55555555 in ?? ()

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2005-3862

CVE-2005-3862

README.md

CVE-2005-3862

Experiment Environment

INSTALL & Configuration

Problems in Installation & Configuration

How to trigger vulnerability

PoCs

Vulnerability Details & Patch

Root Cause

Stack Trace

References

Files

CVE-2005-3862

Directory actions

More options

Directory actions

More options

Latest commit

History

CVE-2005-3862

Folders and files

parent directory

README.md

CVE-2005-3862

Experiment Environment

INSTALL & Configuration

Problems in Installation & Configuration

How to trigger vulnerability

PoCs

Vulnerability Details & Patch

Root Cause

Stack Trace

References