Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2005-0953
HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0953

2005-05-0204:00:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
41
cve-2005-0953
bzip2
vulnerability
file permissions
hard link attack
decompression
nvd

5.9 Medium

AI Score

Confidence

Low

3.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

31.2%

JSON

Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.

References

Related

openvas 6
debian 2
ubuntucve 1
nessus 8
debiancve 1
securityvulns 1
freebsd 1
f5 2
ubuntu 1
freebsd_advisory 1
centos 2
redhat 1
jvn 1
openvas
openvas
Debian: Security Advisory (DSA-730-1)
2008-01-17 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-05:14.bzip2.asc)
2008-09-04 00:00:00
Debian Security Advisory DSA 730-1 (bzip2)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 730-1] New bzip2 packages fix file unauthorised permissions modification
2005-05-27 17:41:55
[SECURITY] [DSA 730-1] New bzip2 packages fix file unauthorised permissions modification
2005-05-27 17:41:55
ubuntucve
ubuntucve
CVE-2005-0953
2005-05-02 00:00:00
nessus
nessus
Debian DSA-730-1 : bzip2 - race condition
2005-06-17 00:00:00
Mandrake Linux Security Advisory : bzip2 (MDKSA-2005:091)
2005-05-19 00:00:00
FreeBSD : bzip2 -- denial of service and permission race vulnerabilities (197f444f-e8ef-11d9-b875-0001020eed82)
2005-07-13 00:00:00
debiancve
debiancve
CVE-2005-0953
2005-05-02 04:00:00
securityvulns
securityvulns
[ MDKSA-2006:026 ] - Updated bzip2 packages fix bzgrep vulnerabilities
2006-01-31 00:00:00
freebsd
freebsd
bzip2 -- denial of service and permission race vulnerabilities
2005-03-30 00:00:00
f5
f5
K16965 : bzip2 vulnerabilities CVE-2005-0953 and CVE-2005-1260
2015-07-14 00:00:00
SOL16965 - bzip2 vulnerabilities CVE-2005-0953 and CVE-2005-1260
2015-07-14 00:00:00
ubuntu
ubuntu
bzip2 vulnerabilities
2005-05-17 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-05:14.bzip2
2005-06-29 00:00:00
centos
centos
bzip2 security update
2005-06-16 21:06:50
bzip2 security update
2005-06-16 23:23:09
redhat
redhat
(RHSA-2005:474) bzip2 security update
2005-06-16 00:00:00
jvn
jvn
JVN#78689801: BGA32.DLL and QBga32.DLL contain multiple vulnerabilities
2015-05-19 00:00:00

5.9 Medium

AI Score

Confidence

Low

3.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

31.2%

JSON
Related for CVE-2005-0953
openvas6debian2ubuntucve1nessus8debiancve1securityvulns1freebsd1f52ubuntu1freebsd_advisory1centos2redhat1jvn1