4 matches found
Mandrake Linux Security Advisory : bzip2 (MDKSA-2006:026)
A bug was found in the way that bzgrep processed file names. If a user could be tricked into running bzgrep on a file with a special file name, it would be possible to execute arbitrary code with the privileges of the user running bzgrep. As well, the bzip2 package provided with Mandriva Linux 20...
bzip2 bzgrep and gzip zgrep shell characters problem
Unfiltered characters in filename allow code execution...
Ubuntu 4.10 / 5.04 : bzip2 vulnerability (USN-161-1)
USN-158-1 fixed a command injection vulnerability in the 'zgrep' utility. It was determined that the 'bzgrep' counterpart in the bzip2 package is vulnerable to the same flaw. bzgrep did not handle shell metacharacters like '|' and '&' properly when they occurred in input file names. This could be...
USN-161-1: bzip2 utility vulnerability
USN-158-1 fixed a command injection vulnerability in the "zgrep" utility. It was determined that the "bzgrep" counterpart in the bzip2 package is vulnerable to the same flaw. bzgrep did not handle shell metacharacters like '|' and '&' properly when they occurred in input file names. This could be...