Описание
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-0953
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19926
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10902
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1154
- http://docs.info.apple.com/article.html?artnum=307041
- http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html
- http://marc.info/?l=bugtraq&m=111229375217633&w=2
- http://secunia.com/advisories/19183
- http://secunia.com/advisories/27274
- http://secunia.com/advisories/27643
- http://secunia.com/advisories/29940
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103118-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200191-1
- http://www.debian.org/security/2005/dsa-730
- http://www.fedoralegacy.org/updates/FC2/2005-11-14-FLSA_2005_158801__Updated_bzip2_packages_fix_security_issues.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:026
- http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.002.html
- http://www.redhat.com/support/errata/RHSA-2005-474.html
- http://www.securityfocus.com/archive/1/456430/30/8730/threaded
- http://www.securityfocus.com/bid/12954
- http://www.securityfocus.com/bid/26444
- http://www.us-cert.gov/cas/techalerts/TA07-319A.html
- http://www.vupen.com/english/advisories/2007/3525
- http://www.vupen.com/english/advisories/2007/3868
EPSS
CVE ID
Связанные уязвимости
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
Race condition in bzip2 1.0.2 and earlier allows local users to modify ...
EPSS