Back to search
CVE-2005-0988
Published: Apr 6, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
APPLE-SA-2006-08-01
vendor-advisory
x_refsource_APPLE
22033
third-party-advisory
x_refsource_SECUNIA
ADV-2006-3101
vdb-entry
x_refsource_VUPEN
21253
third-party-advisory
x_refsource_SECUNIA
DSA-752
vendor-advisory
x_refsource_DEBIAN
101816
vendor-advisory
x_refsource_SUNALERT
RHSA-2005:357
vendor-advisory
x_refsource_REDHAT
19289
vdb-entry
x_refsource_BID
TA06-214A
third-party-advisory
x_refsource_CERT
12996
vdb-entry
x_refsource_BID
15487
vdb-entry
x_refsource_OSVDB
oval:org.mitre.oval:def:765
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:10242
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:1169
vdb-entry
signature
x_refsource_OVAL
18100
third-party-advisory
x_refsource_SECUNIA
SSA:2006-262
vendor-advisory
x_refsource_SLACKWARE
20050404 gzip TOCTOU file-permissions vulnerability
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now