National Cyber-Alert System

Vulnerability Summary for CVE-2005-0988

Overview

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

Vendor Statments (disclaimer)

Official Statement from Red Hat (03/14/2007)

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA06-214A

Name: TA06-214A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA06-214A.html

External Source: BID

Name: 12996

Type: Patch Information

Hyperlink:http://www.securityfocus.com/bid/12996

External Source: BID

Name: 19289

Hyperlink:http://www.securityfocus.com/bid/19289

External Source: BUGTRAQ

Name: 20050404 gzip TOCTOU file-permissions vulnerability

Type: Advisory

Hyperlink:http://www.securityfocus.com/archive/1/394965

External Source: OSVDB

Name: 15487

Hyperlink:http://www.osvdb.org/15487

External Source: VUPEN

Name: ADV-2006-3101

Hyperlink:http://www.frsirt.com/english/advisories/2006/3101

External Source: DEBIAN

Name: DSA-752

Hyperlink:http://www.debian.org/security/2005/dsa-752

External Source: SUNALERT

Name: 101816

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1

External Source: SLACKWARE

Name: SSA:2006-262

Hyperlink:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852

External Source: SECUNIA

Name: 22033

Hyperlink:http://secunia.com/advisories/22033

External Source: SECUNIA

Name: 21253

Hyperlink:http://secunia.com/advisories/21253

External Source: SECUNIA

Name: 18100

Hyperlink:http://secunia.com/advisories/18100

External Source: REDHAT

Name: RHSA-2005:357

Hyperlink:http://rhn.redhat.com/errata/RHSA-2005-357.html

External Source: APPLE

Name: APPLE-SA-2006-08-01

Hyperlink:http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html

External Source: SCO

Name: SCOSA-2005.58

Hyperlink:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt

US Government Resource: oval:org.mitre.oval:def:765

Name: oval:org.mitre.oval:def:765

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:765

US Government Resource: oval:org.mitre.oval:def:1169

Name: oval:org.mitre.oval:def:1169

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1169