CVE-2005-0758 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2005-0758
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-0758

Description: zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/20539 UBUNTU http://www.ubuntu.com/usn/usn-158-1 ST 1013928 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852 SGI SCO SAID Secunia Advisory: SA18100 Secunia Advisory: SA19183 Secunia Advisory: SA22033 Secunia Advisory: SA26235 REDHAT http://rhn.redhat.com/errata/RHSA-2005-357.html http://www.redhat.com/support/errata/RHSA-2005-474.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1081 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1107 OSVDB 16371 OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.002.html MISC http://bugs.gentoo.org/show_bug.cgi?id=90626 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:027 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:026 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200505-05.xml FEDORA http://www.fedoralegacy.org/updates/FC2/2005-11-14-FLSA_2005_158801__Updated_bzip2_packages_fix_security_issues.html CONFIRM http://docs.info.apple.com/article.html?artnum=306172 BID 13582 25159 APPLE http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

Return to the previous page.