Oval Definition:	oval:org.mitre.oval:def:1169
Revision Date: 2005-08-18 Version: 3 Title: gzip Hard Link Attack Description: Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2005-0988 Platform(s): Red Hat Enterprise Linux 3 Product(s): gzip Definition Synopsis Software section Red Hat Enterprise 3 is installed AND gzip RPM earlier than 0:1.3.3-12rhel3 AND Configuration section /usr/bin/gunzip is executable OR /usr/bin/gzip is executable
BACK