Oval Definition:oval:org.mitre.oval:def:358
Revision Date:2005-09-21Version:3
Title:cpio Race Condition
Description:Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-1111
Platform(s):Red Hat Enterprise Linux 3
Product(s):cpio
Definition Synopsis
  • Software section
  • Red Hat Enterprise 3 is installed
  • AND cpio rpm is older than 0:2.5-4.RHEL3
  • AND Configuration section
  • /bin/cpio is executable by all
  • BACK