CVE-2005-0988 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-0988
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-0988

Description: Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.

CVE Status: Candidate

References: SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852 SCO SAID Secunia Advisory: SA18100 Secunia Advisory: SA21253 Secunia Advisory: SA22033 REDHAT http://rhn.redhat.com/errata/RHSA-2005-357.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:765 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1169 OSVDB 15487 DEBIAN http://www.debian.org/security/2005/dsa-752 CERT http://www.us-cert.gov/cas/techalerts/TA06-214A.html BUGTRAQ http://www.securityfocus.com/archive/1/394965 BID 19289 12996 APPLE http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html

Return to the previous page.