Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gunzip vulnerabilities and exploits
(subscribe to this query)
6.2
CVSSv2
CVE-2002-0211
Race condition in the installation script for Tarantella Enterprise 3 3.01 up to and including 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it i...
Tarantella Tarantella Enterprise 3.3.10
Tarantella Tarantella Enterprise 3.3.11
Tarantella Tarantella Enterprise 3.3.20
Tarantella Tarantella Enterprise 3.3.0.1
Tarantella Tarantella Enterprise 3.3.0
1 EDB exploit
7.2
CVSSv2
CVE-2001-0087
itetris/xitetris 1.6.2 and previous versions trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program.
Michael Glickman Itetris 1.6.1
Michael Glickman Itetris 1.6.2
1 EDB exploit
4.6
CVSSv2
CVE-2003-0949
xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands.
Michael Bischoff Xsok 1.02
5
CVSSv2
CVE-2005-1228
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 up to and including 1.3.5 allows remote malicious users to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
Gnu Gzip 1.2.4
Gnu Gzip 1.3.3
7.5
CVSSv2
CVE-2005-0638
xloadimage prior to 4.1-r2, and xli prior to 1.17, allows malicious users to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
Xli Xli 1.14
Xli Xli 1.15
Xli Xli 1.16
Xli Xli 1.17
Suse Suse Linux 1.0
Suse Suse Linux 2.0
Suse Suse Linux 5.0
Suse Suse Linux 5.1
Suse Suse Linux 6.3
Suse Suse Linux 7.0
Suse Suse Linux 7.2
Suse Suse Linux 8.2
Suse Suse Linux 9.0
Suse Suse Linux 3.0
Suse Suse Linux 4.0
Suse Suse Linux 5.2
Suse Suse Linux 5.3
Suse Suse Linux 6.4
Suse Suse Linux 7.1
Suse Suse Linux 7.3
Suse Suse Linux 9.1
Suse Suse Linux 4.2
10
CVSSv2
CVE-2009-1216
Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x prior to 7....
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Services For Unix 3.0
Microsoft Windows Services For Unix 3.5
Microsoft Subsystem For Unix-based Applications
5
CVSSv2
CVE-2017-9434
Crypto++ (aka cryptopp) up to and including 5.6.5 contains an out-of-bounds read vulnerability in zinflate.cpp in the Inflator filter.
Cryptopp Crypto\\+\\+
3.7
CVSSv2
CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and previous versions, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompressio...
Gnu Gzip 1.2.4
Gnu Gzip 1.2.4a
Gnu Gzip 1.3.3
Freebsd Freebsd 4.1.1
Freebsd Freebsd 4.11
Freebsd Freebsd 4.4
Freebsd Freebsd 4.5
Freebsd Freebsd 4.6
Freebsd Freebsd 4.7
Freebsd Freebsd 4.9
Freebsd Freebsd 5.1
Freebsd Freebsd 5.3
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 3.0
Turbolinux Turbolinux Appliance Server 1.0 Hosting
Turbolinux Turbolinux Appliance Server 1.0 Workgroup
Ubuntu Ubuntu Linux 4.1
Freebsd Freebsd 4.0
Freebsd Freebsd 4.10
Freebsd Freebsd 4.3
Freebsd Freebsd 4.8
7.5
CVSSv2
CVE-2003-0380
Buffer overflow in atftp daemon (atftpd) 0.6.1 and previous versions, and possibly later versions, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long filename.
Atftpd Atftpd 0.6.0
Atftpd Atftpd 0.6.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2002-0068
Squid 2.4 STABLE3 and previous versions allows remote malicious users to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
Squid Squid
Redhat Linux 6.2
Redhat Linux 7.1
Redhat Linux 7.2
Redhat Linux 7.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »