On Friday, October 4, 2002, at 12:26 PM, Jesse Walker wrote: > This is Aladdin's response to the Stuffit Expander security > vulnerability mentioned on this mailing list: > > "Essentially the issue is that someone could theoretically craft a .zip > archive which contained an illegally long file name. When affected > utilities attempt to expand this archive a buffer overrun could > potentially allow arbitrary code to be executed. Such an archive would > basically be a 'trojan horse.' > > "To date there have been no such archives detected (or created by > ourselves, Apple, or CERT) and there are be significant technical > barriers to doing so. Even then such an archive would have to be > crafted to individually exploit a particular decompression utility > running on a specific OS. While we see this as a very small risk, we > are concerned about creating the most secure software possible and > recommend that users download and use the latest version of StuffIt > Expander 7.0, which is not vulnerable, to reduce the potential risk > even further." > > Emphasis is mine. Just wanted to pass this along so everyone could make > an informed decision as to whether or not to upgrade. > > Jesse > >
You might also want to read TidBITS on the subject: http://www.tidbits.com/tb-issues/TidBITS-648.html#lnk3 Anne -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 1407 bytes Desc: not available Url : http://www.math.louisville.edu/pipermail/macgroup/attachments/20021004/93174b73/attachment.bin
