Lucene search
GoogleOSV:DSA-588-1HistoryNov 08, 2004 - 12:00 a.m.
gzip - insecure temporary files
2004-11-0800:00:00
Google
osv.dev
6
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
Trustix developers discovered insecure temporary file creation in
supplemental scripts in the gzip package which may allow local users
to overwrite files via a symlink attack.
For the stable distribution (woody) these problems have been fixed in
version 1.3.2-3woody3.
The unstable distribution (sid) is not affected by these problems.
We recommend that you upgrade your gzip package.
References
Related
openvas
openvas
Debian: Security Advisory (DSA-588-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 588-1 (gzip)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-588-1 : gzip - insecure temporary files
2004-11-10 00:00:00
Mandrake Linux Security Advisory : gzip (MDKSA-2004:142)
2004-12-07 00:00:00
securityvulns
securityvulns
[VulnWatch] ncompress insecure temporary file creation
2005-09-16 00:00:00
debian
debian
[SECURITY] [DSA 588-1] New gzip packages fix insecure temporary files
2004-11-08 15:35:12
[SECURITY] [DSA 588-1] New gzip packages fix insecure temporary files
2004-11-08 15:35:12
cve
cve
CVE-2004-0970
2005-02-09 05:00:00
CVE-2005-2991
2005-09-20 20:03:00
ubuntucve
ubuntucve
CVE-2004-0970
2005-02-09 00:00:00
CVE-2005-2991
2005-09-20 00:00:00
debiancve
debiancve
CVE-2004-0970
2005-02-09 05:00:00
CVE-2005-2991
2005-09-20 20:03:00
redhatcve
redhatcve
CVE-2005-2991
2015-10-30 10:31:16
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
Related for OSV:DSA-588-1