Vulnerability in Freebsd
CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed…
EPSS: 0.007 (46.4th percentile) — read the EPSS interpretation.
Affected products
- Freebsd — versions 4.0, 4.1, 4.1.1
- Gentoo Linux
- Gnu Gzip — versions 1.2.4, 1.2.4a, 1.3.3
- Trustix Secure_linux — versions 2.0, 2.1, 2.2
- Turbolinux Turbolinux_appliance_server — versions 1.0_hosting, 1.0_workgroup
- Turbolinux Turbolinux_desktop — versions 10.0
- Turbolinux Turbolinux_home
- Turbolinux Turbolinux_server — versions 7.0, 8.0, 10.0
- Turbolinux Turbolinux_workstation — versions 7.0, 8.0
- Redhat Enterprise_linux — versions 2.1, 3.0, 4.0
References
- cve@mitre.org (vendor-advisory, x_refsource_APPLE)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
- cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (US Government Resource, x_refsource_CERT, third-party-advisory)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID)