zgrep in gzip prior to 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu gzip |
||
canonical ubuntu linux 4.10 |
||
canonical ubuntu linux 5.04 |