Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gunzip vulnerabilities and exploits
(subscribe to this query)
625
VMScore
CVE-2002-0211
Race condition in the installation script for Tarantella Enterprise 3 3.01 up to and including 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it i...
Tarantella Tarantella Enterprise 3.3.10
Tarantella Tarantella Enterprise 3.3.11
Tarantella Tarantella Enterprise 3.3.20
Tarantella Tarantella Enterprise 3.3.0.1
Tarantella Tarantella Enterprise 3.3.0
1 EDB exploit
725
VMScore
CVE-2001-0087
itetris/xitetris 1.6.2 and previous versions trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program.
Michael Glickman Itetris 1.6.2
Michael Glickman Itetris 1.6.1
1 EDB exploit
409
VMScore
CVE-2003-0949
xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands.
Michael Bischoff Xsok 1.02
445
VMScore
CVE-2005-1228
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 up to and including 1.3.5 allows remote malicious users to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
Gnu Gzip 1.3.3
Gnu Gzip 1.2.4
668
VMScore
CVE-2005-0638
xloadimage prior to 4.1-r2, and xli prior to 1.17, allows malicious users to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
Xli Xli 1.17
Xli Xli 1.16
Xli Xli 1.14
Xli Xli 1.15
Suse Suse Linux 6.2
Suse Suse Linux 6.3
Suse Suse Linux 9.3
Suse Suse Linux 4.0
Suse Suse Linux 7.1
Suse Suse Linux 9.2
Suse Suse Linux 9.1
Suse Suse Linux 9.0
Suse Suse Linux 8.2
Altlinux Alt Linux 2.3
Suse Suse Linux 7.3
Suse Suse Linux 5.0
Suse Suse Linux 4.4.1
Suse Suse Linux 7.2
Suse Suse Linux 8.0
Suse Suse Linux 7.0
Suse Suse Linux 5.2
Suse Suse Linux 3.0
890
VMScore
CVE-2009-1216
Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x prior to 7....
Microsoft Windows Vista
Microsoft Windows Services For Unix 3.5
Microsoft Windows Services For Unix 3.0
Microsoft Subsystem For Unix-based Applications
Microsoft Windows Server 2008
448
VMScore
CVE-2017-9434
Crypto++ (aka cryptopp) up to and including 5.6.5 contains an out-of-bounds read vulnerability in zinflate.cpp in the Inflator filter.
Cryptopp Crypto++
329
VMScore
CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and previous versions, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompressio...
Gnu Gzip 1.3.3
Gnu Gzip 1.2.4
Gnu Gzip 1.2.4a
Freebsd Freebsd 4.3
Redhat Enterprise Linux 2.1
Freebsd Freebsd 4.1.1
Freebsd Freebsd 4.6
Freebsd Freebsd 5.4
Freebsd Freebsd 5.3
Redhat Enterprise Linux 4.0
Trustix Secure Linux 2.0
Redhat Enterprise Linux Desktop 3.0
Freebsd Freebsd 5.1
Ubuntu Ubuntu Linux 4.1
Redhat Linux Advanced Workstation 2.1
Freebsd Freebsd 4.4
Redhat Enterprise Linux 3.0
Freebsd Freebsd 4.8
Turbolinux Turbolinux Appliance Server 1.0 Workgroup
Freebsd Freebsd 4.7
Freebsd Freebsd 5.2.1
Freebsd Freebsd 5.0
755
VMScore
CVE-2003-0380
Buffer overflow in atftp daemon (atftpd) 0.6.1 and previous versions, and possibly later versions, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long filename.
Atftpd Atftpd 0.6.1.1
Atftpd Atftpd 0.6.0
1 EDB exploit
755
VMScore
CVE-2002-0068
Squid 2.4 STABLE3 and previous versions allows remote malicious users to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
Squid Squid
Redhat Linux 7.2
Redhat Linux 6.2
Redhat Linux 7.1
Redhat Linux 7.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »