Race Condition in Directory Deletion and Move for GNU File Utilities
CVE-2002-0435

Currently unrated

Key Information:

Vendor: Gnu
Status: Fileutils
Vendor: CVE Published:; 26 July 2002

What is CVE-2002-0435?

A race condition present in the recursive deletion and moving of directories in GNU File Utilities (version 4.1 and earlier) allows a local user to manipulate the deletion process. By moving a directory that is in the process of being deleted, the user can interrupt the flow and cause the file utility to change to an unexpected parent directory, potentially exposing critical parts of the file system including root directories and compromising the integrity of the file structure.

References

http://www.redhat.com/support/errata/RHSA-2003-016.html

vendor-advisoryx_refsource_REDHAT

http://www.linux-mandrake.com/en/security/2002/MDKSA-2002...

vendor-advisoryx_refsource_MANDRAKE

http://mail.gnu.org/archive/html/bug-fileutils/2002-03/ms...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2002
Vulnerability Reserved
Jun 7, 2002

Gnu

What is CVE-2002-0435?

References

Timeline