Oval Definition:oval:org.mitre.oval:def:1081
Revision Date:2005-09-21Version:3
Title:gzip Argument Sanitation Vulnerability
Description:zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-0758
Platform(s):Red Hat Enterprise Linux 3
Product(s):zgrep
Definition Synopsis
  • Software section
  • Red Hat Enterprise 3 is installed
  • AND bzip2 RPM earlier than 0:1.0.2-11.EL3.4
  • AND Configuration section
  • /usr/bin/bzgrep is executable
    • BACK