CVE-2005-0988

Currently unrated

Key Information:

Vendor: Gnu
Status: Gzip
Vendor: CVE Published:; 2 May 2005

Summary

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.

References

http://lists.apple.com/archives/security-announce/2006//A...

vendor-advisoryx_refsource_APPLE

http://secunia.com/advisories/22033

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2006/3101

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Apr 6, 2005