Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gunzip vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0211
Race condition in the installation script for Tarantella Enterprise 3 3.01 up to and including 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it i...
Tarantella Tarantella Enterprise 3.3.10
Tarantella Tarantella Enterprise 3.3.11
Tarantella Tarantella Enterprise 3.3.20
Tarantella Tarantella Enterprise 3.3.0.1
Tarantella Tarantella Enterprise 3.3.0
1 EDB exploit
NA
CVE-2001-0087
itetris/xitetris 1.6.2 and previous versions trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program.
Michael Glickman Itetris 1.6.1
Michael Glickman Itetris 1.6.2
1 EDB exploit
NA
CVE-2003-0949
xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands.
Michael Bischoff Xsok 1.02
NA
CVE-2005-1228
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 up to and including 1.3.5 allows remote malicious users to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
Gnu Gzip 1.2.4
Gnu Gzip 1.3.3
NA
CVE-2005-0638
xloadimage prior to 4.1-r2, and xli prior to 1.17, allows malicious users to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
Xli Xli 1.14
Xli Xli 1.15
Xli Xli 1.16
Xli Xli 1.17
Suse Suse Linux 1.0
Suse Suse Linux 2.0
Suse Suse Linux 5.0
Suse Suse Linux 5.1
Suse Suse Linux 6.3
Suse Suse Linux 7.0
Suse Suse Linux 7.2
Suse Suse Linux 8.2
Suse Suse Linux 9.0
Suse Suse Linux 3.0
Suse Suse Linux 4.0
Suse Suse Linux 5.2
Suse Suse Linux 5.3
Suse Suse Linux 6.4
Suse Suse Linux 7.1
Suse Suse Linux 7.3
Suse Suse Linux 9.1
Suse Suse Linux 4.2
NA
CVE-2009-1216
Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x prior to 7....
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Services For Unix 3.0
Microsoft Windows Services For Unix 3.5
Microsoft Subsystem For Unix-based Applications
5.3
CVSSv3
CVE-2017-9434
Crypto++ (aka cryptopp) up to and including 5.6.5 contains an out-of-bounds read vulnerability in zinflate.cpp in the Inflator filter.
Cryptopp Crypto\\+\\+
NA
CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and previous versions, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompressio...
Gnu Gzip 1.2.4
Gnu Gzip 1.2.4a
Gnu Gzip 1.3.3
Freebsd Freebsd 4.1.1
Freebsd Freebsd 4.11
Freebsd Freebsd 4.4
Freebsd Freebsd 4.5
Freebsd Freebsd 4.6
Freebsd Freebsd 4.7
Freebsd Freebsd 4.9
Freebsd Freebsd 5.1
Freebsd Freebsd 5.3
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 3.0
Turbolinux Turbolinux Appliance Server 1.0 Hosting
Turbolinux Turbolinux Appliance Server 1.0 Workgroup
Ubuntu Ubuntu Linux 4.1
Freebsd Freebsd 4.0
Freebsd Freebsd 4.10
Freebsd Freebsd 4.3
Freebsd Freebsd 4.8
NA
CVE-2002-0068
Squid 2.4 STABLE3 and previous versions allows remote malicious users to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
Squid Squid
Redhat Linux 6.2
Redhat Linux 7.1
Redhat Linux 7.2
Redhat Linux 7.0
1 EDB exploit
NA
CVE-2003-0262
leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have.
Leksbot Leksbot 1.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »