Oval Definition:	oval:org.mitre.oval:def:170
Revision Date: 2009-08-03 Version: 18 Title: Sun Solaris Gzip Race condition and Directory Traversal Issues Description: Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2005-1228 Platform(s): Sun Solaris 10 Sun Solaris 8 Sun Solaris 9 Product(s): gzip Definition Synopsis Solaris 8 (SPARC) meets Sun Alert ID 101816 criteria. Solaris 8 Installed AND sparc architecture AND NOT Patch 112668-03 or later installed OR Solaris 8 (x86) meets Sun Alert ID 101816 criteria. Solaris 8 Installed AND ix86 architecture AND NOT Patch 112669-03 or later installed OR Solaris 9 (SPARC) meets Sun Alert ID 101816 criteria. Solaris 9 Installed AND sparc architecture AND NOT Patch 116340-04 or later installed OR Solaris 9 (x86) meets Sun Alert ID 101816 criteria. Solaris 9 Installed AND ix86 architecture AND NOT Patch 116341-04 or later installed OR Solaris 10 (SPARC) meets Sun Alert ID 101816 criteria. Solaris 10 Installed AND sparc architecture AND NOT Patch 120719-01 or later installed OR Solaris 10 (x86) meets Sun Alert ID 101816 criteria. Solaris 10 Installed AND ix86 architecture AND NOT Patch 120720-01 or later installed
BACK