Command Execution Vulnerability in Gzip by GNU
CVE-2004-0603

Currently unrated

Key Information:

Vendor

Gnu
Status
Gzip
Vendor
CVE Published:
6 December 2004

What is CVE-2004-0603?

The Gzip utility, specifically the gzexe component, in versions 1.3.3 and earlier is affected by a flaw where it improperly handles the creation of temporary files. When this process fails, gzexe does not terminate as expected, instead, it executes the provided arguments. This behavior creates a pathway for both remote attackers and local users to execute arbitrary commands on the underlying system, posing a significant security risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://bugs.gentoo.org/show_bug.cgi?id=54890
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/16506
vdb-entryx_refsource_XF
http://security.gentoo.org/glsa/glsa-200406-18.xml
vendor-advisoryx_refsource_GENTOO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.