Lucene search

[email protected]NVD:CVE-2005-0602

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0602

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

9.1

Confidence

High

EPSS

Percentile

9.6%

JSON

Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.

Affected configurations

Nvd

Node

info-zipunzipRange≤5.51

info-zipunzipMatch5.50

References

marc.info/?l=bugtraq&m=110960796331943&w=2

secunia.com/advisories/17045

secunia.com/advisories/17342

secunia.com/advisories/27684

sunsolve.sun.com/search/document.do?assetkey=1-26-103150-1

sunsolve.sun.com/search/document.do?assetkey=1-66-200844-1

www.info-zip.org/FAQ.html

www.mandriva.com/security/advisories?name=MDKSA-2005:197

www.securityfocus.com/bid/14447

www.trustix.org/errata/2005/0053/

www.vupen.com/english/advisories/2007/3866

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

9.1

Confidence

High

EPSS

Percentile

9.6%

JSON

Related for NVD:CVE-2005-0602

nessus6 cvelist1 redhatcve1 ubuntucve1 debiancve1 ubuntu1 cve1 ibm2