Lucene search
K

14 matches found

CVE
CVE
added 2024/02/23 5:57 p.m.17 views

CAN-2005-0953

CVE-2005-0953 concerns a race-condition in the bzip2 compressor/decompressor (v1.0.2 and earlier). During decompression in a directory the attacker could manipulate permissions of an unrelated file the user has access to, enabling local privilege modification. A related issue, CVE-2005-1260, desc...

7.5AI score0.004EPSS
Exploits0
F5 Networks
F5 Networks
added 2015/07/14 12:0 a.m.68 views

SOL16965 - bzip2 vulnerabilities CVE-2005-0953 and CVE-2005-1260

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

5CVSS2.7AI score0.06152EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.30 views

FreeBSD Ports: bzip2

The remote host is missing an update to the system as announced in the referenced advisory. VID 197f444f-e8ef-11d9-b875-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

5CVSS7.5AI score0.06152EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.26 views

FreeBSD Ports: bzip2

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS6.5AI score0.06152EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/11/14 12:0 a.m.69 views

Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008)

The remote host is running a version of Mac OS X 10.4 which is older than version 10.4.11 or a version of Mac OS X 10.3 which does not have Security Update 2007-008 applied. This update contains several security fixes for the following programs : - Flash Player Plugin - AppleRAID - BIND - bzip2 -...

10CVSS6.8AI score0.56309EPSS
Exploits13References43
Tenable Nessus
Tenable Nessus
added 2006/07/03 12:0 a.m.30 views

CentOS 3 / 4 : bzip2 (CESA-2005:474)

Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux 4 have been created as the original erratum packages...

5CVSS5.7AI score0.06152EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2006/02/01 12:0 a.m.29 views

Mandrake Linux Security Advisory : bzip2 (MDKSA-2006:026)

A bug was found in the way that bzgrep processed file names. If a user could be tricked into running bzgrep on a file with a special file name, it would be possible to execute arbitrary code with the privileges of the user running bzgrep. As well, the bzip2 package provided with Mandriva Linux 20...

4.6CVSS6AI score0.00529EPSS
Exploits1References2
securityvulns
securityvulns
added 2006/01/31 12:0 a.m.53 views

[ MDKSA-2006:026 ] - Updated bzip2 packages fix bzgrep vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:026 http://www.mandriva.com/security/ Package : bzip2 Date : January 30, 2006 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0, Multi Network Firewall 2.0 Problem Description: A bug was found in th...

4.6CVSS7.9AI score0.00529EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2005/06/17 12:0 a.m.31 views

Debian DSA-730-1 : bzip2 - race condition

Imran Ghory discovered a race condition in bzip2, a high-quality block-sorting file compressor and decompressor. When decompressing a file in a directory an attacker has access to, bunzip2 could be tricked to set the file permissions to a different file the user has permissions to. %NASLMINLEVEL...

3.7CVSS5.3AI score0.004EPSS
Exploits0References3
Cent OS
Cent OS
added 2005/06/16 11:23 p.m.67 views

bzip2 security update

CentOS Errata and Security Advisory CESA-2005:474-01 Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux ...

5CVSS5.8AI score0.06152EPSS
Exploits1References8
Cent OS
Cent OS
added 2005/06/16 9:6 p.m.68 views

bzip2 security update

CentOS Errata and Security Advisory CESA-2005:474 Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux 4...

5CVSS5.8AI score0.06152EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2005/06/16 5:36 p.m.38 views

Low: Red Hat Security Advisory: bzip2 security update

Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux 4 have been created as the original erratum packages...

5CVSS5.8AI score0.06152EPSS
Exploits1References4
OSV
OSV
added 2005/05/02 4:0 a.m.7 views

CVE-2005-0953

Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete...

6AI score
Exploits0References26
CVE
CVE
added 2005/04/03 5:0 a.m.84 views

CVE-2005-0953

CVE-2005-0953 (bzip2) : A race condition in bzip2 (versions 1.0.2 and earlier) lets a local user modify the permissions of an arbitrary file during decompression via a hard-link attack on a file while it is being decompressed. This can affect files in a directory where the attacker has write acce...

3.7CVSS7.2AI score0.004EPSS
Exploits0References25Affected Software1
Rows per page
Query Builder