16 matches found
Gentoo Security Advisory GLSA 200505-05 (gzip)
The remote host is missing updates announced in advisory GLSA 200505-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Mac OS X Multiple Vulnerabilities (Security Update 2007-007)
The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. This update contains several security fixes for the following programs : - bzip2 - CFNetwork - CoreAudio - cscope - gnuzip - iChat - Kerberos - mDNSResponder - PDFKit - PHP -...
Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : gzip (SSA:2006-262-01)
New gzip packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix possible security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2006-262-01. The...
[slackware-security] gzip
New gzip packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix possible security issues. More details about the issues fixed may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2005-0758...
CentOS 3 / 4 : bzip2 (CESA-2005:474)
Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux 4 have been created as the original erratum packages...
CentOS 3 / 4 : gzip (CESA-2005:357)
An updated gzip package is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The gzip package contains the GNU gzip data compression program. A bug was found in the way zgrep processes file names. If a user can be tricked into running...
Mandrake Linux Security Advisory : gzip (MDKSA-2006:027)
Zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script. This was previously corrected in MDKSA-2005:092, however the fix was incomplete. These updated packages provide a more...
[ MDKSA-2006:026 ] - Updated bzip2 packages fix bzgrep vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:026 http://www.mandriva.com/security/ Package : bzip2 Date : January 30, 2006 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0, Multi Network Firewall 2.0 Problem Description: A bug was found in th...
bzip2 security update
CentOS Errata and Security Advisory CESA-2005:474-01 Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux ...
bzip2 security update
CentOS Errata and Security Advisory CESA-2005:474 Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux 4...
Low: Red Hat Security Advisory: bzip2 security update
Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux 4 have been created as the original erratum packages...
gzip security update
CentOS Errata and Security Advisory CESA-2005:357-01 An updated gzip package is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The gzip package contains the GNU gzip data compression program. A bug was found in the way zgrep processe...
gzip security update
CentOS Errata and Security Advisory CESA-2005:357 An updated gzip package is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The gzip package contains the GNU gzip data compression program. A bug was found in the way zgrep processes...
Mandrake Linux Security Advisory : gzip (MDKSA-2005:092)
Several vulnerabilities have been discovered in the gzip package : Zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script. CVE-2005-0758 A race condition in gzip 1.2.4, 1.3.3, and...
CVE-2005-0758
The CVE-2005-0758 issue affects gzip prior to 1.3.5, where zgrep does not properly sanitize file arguments, allowing local users to inject filenames into a sed script and execute arbitrary commands. Connected advisories confirm related issues (CVE-2005-0988 and CVE-2005-1228) in gunzip/bzip2 work...
CVE-2005-0758
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script...