| Revision Date: | 2005-09-21 | Version: | 3 |
| Title: | bzip2 Arbitrary File Permission Modification Vulnerability |
| Description: | Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete. |
| Family: | unix | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2005-0953
|
| Platform(s): | Red Hat Enterprise Linux 3
| Product(s): | bzip2
|
| Definition Synopsis |
| Software section Red Hat Enterprise 3 is installed
AND bzip2 RPM earlier than 0:1.0.2-11.EL3.4
AND Configuration section
/usr/bin/bzip2 is executable
|