Vulnerability Name:

CVE-2007-1673 (CCN-34080)

Assigned: 2007-05-04
Published: 2007-05-04
Updated: 2018-10-16
Summary: unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
http://xforce.iss.net/xforce/xfdb/34080


For Barracuda Spam Firewall:
Upgrade to the latest virus definition version of Barracuda Spam Firewall (virusdef 2.0.6399 for 3.4 and after or virusdef 2.0.6399o for prior to 3.4), available from the automatic update.

For Panda Software Antivirus:
Upgrade to the latest version of Panda Software Antivirus (4/2/2007 or later), available from the automatic update feature.

For avast! antivirus:
Upgrade to the latest version of Panda Software Antivirus (4.7.981 or later), available from the avast! antivirus Web site. See references.

For Avira AntiVir:
Upgrade to the latest version of Avira AntiVir (avpack32.dll version 7.3.0.6 or later), available from the automatic update feature.

For AMaViS:
Refer to ASA-2007-2 for patch, upgrade, or suggested workaround information. See References.
CVSS v3 Severity: 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:
Scope (S): Unchanged
Impact Metrics:
Confidentiality (C): None
Integrity (I): None
Availability (A): High
CVSS v2 Severity: 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
6.1 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:
Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
6.1 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:
Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
Vulnerability Type: CWE-399
Vulnerability Consequences: Denial of Service
References:
Source: CCN
Type: unzoo Web site
Tools

Source: CCN
Type: BugTraq Mailing List, Fri May 04 2007 - 10:14:45 CDT
Multiple vendors ZOO file decompression infinite loop DoS

Source: MITRE
Type: CNA
CVE-2007-1669

Source: MITRE
Type: CNA
CVE-2007-1670

Source: MITRE
Type: CNA
CVE-2007-1671

Source: MITRE
Type: CNA
CVE-2007-1672

Source: MITRE
Type: CNA
CVE-2007-1673

Source: MITRE
Type: CNA
CVE-2007-2535

Source: MITRE
Type: CNA
CVE-2007-2536

Source: OSVDB
Type: UNKNOWN
36208

Source: CCN
Type: SA25122
Barracuda Spam Firewall Zoo Denial of Service Vulnerability

Source: CCN
Type: SA25137
avast! Zoo Denial of Service Vulnerability

Source: CCN
Type: SA25140
Avira AntiVir Zoo Denial of Service Vulnerability

Source: CCN
Type: SA25152
Panda AntiVirus Zoo Denial of Service Vulnerability

Source: CCN
Type: SA25315
Amavis Zoo Denial of Service Vulnerability

Source: SECUNIA
Type: Vendor Advisory
25315

Source: SREASON
Type: UNKNOWN
2680

Source: CCN
Type: ASA-2007-2
ZOO archive decompression infinite loop DoS

Source: CONFIRM
Type: UNKNOWN
http://www.amavis.org/security/asa-2007-2.txt

Source: CCN
Type: avast! antivirus Web site
avast! antivirus updates

Source: CCN
Type: Avira AntiVir Web site
Anti virus for Linux, Windows and more with firewall, antispam, recovery security - Avira AntiVir

Source: CCN
Type: Barracuda Spam Firewall Web site
Spam Filter / Spam Firewall / Web Filter / Spam Appliance / Load Balancer / Content Filter

Source: CCN
Type: zoo archive Web site
zoo: ZOO archive utilities

Source: CCN
Type: OSVDB ID: 35794
avast! Antivirus Crafted Zoo Archive DoS

Source: CCN
Type: OSVDB ID: 35795
Barracuda Spam Firewall Malformed Zoo Archive DoS

Source: CCN
Type: OSVDB ID: 35845
Panda AntiVirus Malformed Zoo Archive Handling DoS

Source: CCN
Type: OSVDB ID: 35911
Avira AntiVir avpack32.dll Malformed Zoo Handling DoS

Source: CCN
Type: OSVDB ID: 36208
unzoo ZOO Archive Malformed direntry Structure DoS

Source: CCN
Type: OSVDB ID: 37302
zoo Decoder unzoo.c Malformed Zoo Archive Handling DoS

Source: CCN
Type: OSVDB ID: 41750
WinAce ZOO Archive Decompression Infinite Loop DoS

Source: CCN
Type: OSVDB ID: 41751
PicoZip ZOO Archive Decompression Infinite Loop DoS

Source: CCN
Type: Panda Software Antivirus Web site
Antivirus, anti-spyware, anti-spam, firewall. Protect yourself with Panda

Source: CCN
Type: PicoZip Web site
Zip and UnZip Files Easily - Download WinZip and PKZip compatible software

Source: BUGTRAQ
Type: UNKNOWN
20070504 Multiple vendors ZOO file decompression infinite loop DoS

Source: BID
Type: Exploit
23823

Source: CCN
Type: BID-23823
Multiple Vendors Zoo Compression Algorithm Remote Denial of Service Vulnerability

Source: CCN
Type: WinAce Web site
WinAce - your archiving companion

Source: XF
Type: UNKNOWN
multiple-vendor-zoo-dos(34080)

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:amavis:amavis:*:*:*:*:*:*:*:* (Version <= 2.4.1)
  • OR cpe:/a:avast:avast_antivirus:4.6.394:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus:4.7.652:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus:4.7.700:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus:*:*:*:*:*:*:*:* (Version <= 4.7.980)
  • OR cpe:/a:avast:avast_antivirus_home:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.6:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.6.652:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.6.655:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.6.665:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.6.691:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.7.827:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.7.827:*:windows:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.7.844:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.7.844:*:windows:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.7.869:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.7.869:*:windows:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.7.1043:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.7.1043:*:windows:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.7.1098:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_home:4.7.1098:*:windows:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.6:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.6.603:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.6.652:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.6.665:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.6.691:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.7.827:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.7.827:*:windows:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.7.844:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.7.844:*:windows:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.7.869:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.7.1043:*:*:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.7.1043:*:windows:*:*:*:*:*
  • OR cpe:/a:avast:avast_antivirus_professional:4.7.1098:*:*:*:*:*:*:*
  • OR cpe:/a:avira:antivir:*:*:*:*:*:*:*:*
  • OR cpe:/a:avira:antivir:6.35.00.00:*:*:*:*:*:*:*
  • OR cpe:/a:avira:antivir:7.04.00.23:*:*:*:*:*:*:*
  • OR cpe:/a:avira:antivir_personal:*:*:*:*:*:*:*:*
  • OR cpe:/a:avira:antivir_personal:*:*:classic:*:*:*:*:*
  • OR cpe:/a:avira:antivir_personal:*:*:premium:*:*:*:*:*
  • OR cpe:/a:avira:antivir_personal:7:*:*:*:*:*:*:*
  • OR cpe:/a:avira:antivir_personal:7:*:classic:*:*:*:*:*
  • OR cpe:/a:avira:antivir_personal:*:*:*:*:*:*:*:* (Version <= 7.3.0.5)
  • OR cpe:/a:panda:panda_antivirus:2007:*:*:*:*:*:*:*
  • OR cpe:/a:panda:panda_antivirus_and_firewall:2007:*:*:*:*:*:*:*
  • OR cpe:/a:picozip:picozip:*:*:*:*:*:*:*:*
  • OR cpe:/a:rahul_dhesi:zoo:*:*:*:*:*:*:*:* (Version <= 2.10)
  • OR cpe:/a:unzoo:unzoo:4.4:*:*:*:*:*:*:*
  • OR cpe:/a:winace:winace:*:*:*:*:*:*:*:*
  • OR cpe:/h:barracuda_networks:barracuda_spam_firewall:*:*:*:*:*:*:*:*
  • OR cpe:/h:barracuda_networks:barracuda_spam_firewall:model_100:*:*:*:*:*:*:*
  • OR cpe:/h:barracuda_networks:barracuda_spam_firewall:model_200:*:*:*:*:*:*:*
  • OR cpe:/h:barracuda_networks:barracuda_spam_firewall:model_300:*:*:*:*:*:*:*
  • OR cpe:/h:barracuda_networks:barracuda_spam_firewall:model_400:*:*:*:*:*:*:*
  • OR cpe:/h:barracuda_networks:barracuda_spam_firewall:model_500:*:*:*:*:*:*:*
  • OR cpe:/h:barracuda_networks:barracuda_spam_firewall:model_600:*:*:*:*:*:*:*
  • OR cpe:/h:barracuda_networks:barracuda_spam_firewall:model_800:*:*:*:*:*:*:*
  • OR cpe:/h:barracuda_networks:barracuda_spam_firewall:model_900:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    amavis amavis *
    avast avast antivirus 4.6.394
    avast avast antivirus 4.7.652
    avast avast antivirus 4.7.700
    avast avast antivirus *
    avast avast antivirus home 4.0
    avast avast antivirus home 4.6
    avast avast antivirus home 4.6.652
    avast avast antivirus home 4.6.655
    avast avast antivirus home 4.6.665
    avast avast antivirus home 4.6.691
    avast avast antivirus home 4.7.827
    avast avast antivirus home 4.7.827
    avast avast antivirus home 4.7.844
    avast avast antivirus home 4.7.844
    avast avast antivirus home 4.7.869
    avast avast antivirus home 4.7.869
    avast avast antivirus home 4.7.1043
    avast avast antivirus home 4.7.1043
    avast avast antivirus home 4.7.1098
    avast avast antivirus home 4.7.1098
    avast avast antivirus professional 4.0
    avast avast antivirus professional 4.6
    avast avast antivirus professional 4.6.603
    avast avast antivirus professional 4.6.652
    avast avast antivirus professional 4.6.665
    avast avast antivirus professional 4.6.691
    avast avast antivirus professional 4.7.827
    avast avast antivirus professional 4.7.827
    avast avast antivirus professional 4.7.844
    avast avast antivirus professional 4.7.844
    avast avast antivirus professional 4.7.869
    avast avast antivirus professional 4.7.1043
    avast avast antivirus professional 4.7.1043
    avast avast antivirus professional 4.7.1098
    avira antivir *
    avira antivir 6.35.00.00
    avira antivir 7.04.00.23
    avira antivir personal *
    avira antivir personal *
    avira antivir personal *
    avira antivir personal 7
    avira antivir personal 7
    avira antivir personal *
    panda panda antivirus 2007
    panda panda antivirus and firewall 2007
    picozip picozip *
    rahul_dhesi zoo *
    unzoo unzoo 4.4
    winace winace *
    barracuda_networks barracuda spam firewall *
    barracuda_networks barracuda spam firewall model_100
    barracuda_networks barracuda spam firewall model_200
    barracuda_networks barracuda spam firewall model_300
    barracuda_networks barracuda spam firewall model_400
    barracuda_networks barracuda spam firewall model_500
    barracuda_networks barracuda spam firewall model_600
    barracuda_networks barracuda spam firewall model_800
    barracuda_networks barracuda spam firewall model_900