CVE-2005-1111

Published: Apr 16, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20050413 cpio TOCTOU file-permissions vulnerability

mailing-list

x_refsource_BUGTRAQ

17532

third-party-advisory

x_refsource_SECUNIA

17123

third-party-advisory

x_refsource_SECUNIA

15725

vdb-entry

x_refsource_OSVDB

RHSA-2005:378

vendor-advisory

x_refsource_REDHAT

16998

third-party-advisory

x_refsource_SECUNIA

13159

vdb-entry

x_refsource_BID

DSA-846

vendor-advisory

x_refsource_DEBIAN

USN-189-1

vendor-advisory

x_refsource_UBUNTU

SUSE-SR:2006:010

vendor-advisory

x_refsource_SUSE

20117

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:9783

vdb-entry

signature

x_refsource_OVAL

oval:org.mitre.oval:def:358

vdb-entry

signature

x_refsource_OVAL

RHSA-2005:806

vendor-advisory

x_refsource_REDHAT

18395

third-party-advisory

x_refsource_SECUNIA

18290

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2005-1111

Description

Affected Products

References