CVE-2005-1228 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-1228
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-1228

Description: Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/20199 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852 SCO SAID Secunia Advisory: SA15047 Secunia Advisory: SA18100 Secunia Advisory: SA21253 Secunia Advisory: SA22033 REDHAT http://rhn.redhat.com/errata/RHSA-2005-357.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:170 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:382 OSVDB 15721 DEBIAN http://www.debian.org/security/2005/dsa-752 CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305255 CERT http://www.us-cert.gov/cas/techalerts/TA06-214A.html BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=111402732406477&w=2 BID 19289 APPLE http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html

Return to the previous page.