CVE-2005-1111 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-1111
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-1111

Description: Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-189-1 SUSE http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html SCO SAID Secunia Advisory: SA16998 Secunia Advisory: SA17532 Secunia Advisory: SA17123 Secunia Advisory: SA18395 Secunia Advisory: SA18290 Secunia Advisory: SA20117 REDHAT http://www.redhat.com/support/errata/RHSA-2005-378.html http://www.redhat.com/support/errata/RHSA-2005-806.html OVAL http://oval.mitre.org/oval/definitions/data/oval358.html OSVDB 15725 FREEBSD DEBIAN http://www.debian.org/security/2005/dsa-846 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=111342664116120&w=2 BID 13159

Return to the previous page.