bzip2 prior to 1.0.2 in FreeBSD 4.5 and previous versions, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bzip bzip2 0.9.5a |
||
bzip bzip2 0.9.5b |
||
bzip bzip2 0.9.5c |
||
bzip bzip2 0.9.5d |
||
bzip bzip2 1.0 |
||
bzip bzip2 0.9.0 |
||
bzip bzip2 0.9.0b |
||
bzip bzip2 1.0.1 |
||
bzip bzip2 0.9.0a |
||
bzip bzip2 0.9.0c |