Race condition in gzip 1.2.4, 1.3.3, and previous versions, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu gzip 1.2.4 |
||
gnu gzip 1.2.4a |
||
gnu gzip 1.3.3 |
||
freebsd freebsd 4.1.1 |
||
freebsd freebsd 4.11 |
||
freebsd freebsd 4.4 |
||
freebsd freebsd 4.5 |
||
freebsd freebsd 4.6 |
||
freebsd freebsd 4.7 |
||
freebsd freebsd 4.9 |
||
freebsd freebsd 5.1 |
||
freebsd freebsd 5.3 |
||
redhat enterprise linux 2.1 |
||
redhat enterprise linux 4.0 |
||
redhat enterprise linux desktop 3.0 |
||
turbolinux turbolinux appliance server 1.0_hosting |
||
turbolinux turbolinux appliance server 1.0_workgroup |
||
ubuntu ubuntu linux 4.1 |
||
freebsd freebsd 4.0 |
||
freebsd freebsd 4.10 |
||
freebsd freebsd 4.3 |
||
freebsd freebsd 4.8 |
||
freebsd freebsd 5.0 |
||
freebsd freebsd 5.2.1 |
||
freebsd freebsd 5.4 |
||
gentoo linux |
||
redhat enterprise linux 3.0 |
||
redhat linux advanced workstation 2.1 |
||
trustix secure linux 2.0 |
||
turbolinux turbolinux server 7.0 |
||
turbolinux turbolinux server 8.0 |
||
ubuntu ubuntu linux 5.04 |
||
freebsd freebsd 4.1 |
||
trustix secure linux 2.1 |
||
trustix secure linux 2.2 |
||
turbolinux turbolinux workstation 7.0 |
||
turbolinux turbolinux workstation 8.0 |
||
freebsd freebsd 4.2 |
||
freebsd freebsd 4.6.2 |
||
freebsd freebsd 5.2 |
||
redhat enterprise linux desktop 4.0 |
||
turbolinux turbolinux desktop 10.0 |
||
turbolinux turbolinux home |
||
turbolinux turbolinux server 10.0 |