14 matches found
CAN-2005-0953
CVE-2005-0953 concerns a race-condition in the bzip2 compressor/decompressor (v1.0.2 and earlier). During decompression in a directory the attacker could manipulate permissions of an unrelated file the user has access to, enabling local privilege modification. A related issue, CVE-2005-1260, desc...
SOL16965 - bzip2 vulnerabilities CVE-2005-0953 and CVE-2005-1260
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
FreeBSD Ports: bzip2
The remote host is missing an update to the system as announced in the referenced advisory. VID 197f444f-e8ef-11d9-b875-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: bzip2
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008)
The remote host is running a version of Mac OS X 10.4 which is older than version 10.4.11 or a version of Mac OS X 10.3 which does not have Security Update 2007-008 applied. This update contains several security fixes for the following programs : - Flash Player Plugin - AppleRAID - BIND - bzip2 -...
CentOS 3 / 4 : bzip2 (CESA-2005:474)
Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux 4 have been created as the original erratum packages...
Mandrake Linux Security Advisory : bzip2 (MDKSA-2006:026)
A bug was found in the way that bzgrep processed file names. If a user could be tricked into running bzgrep on a file with a special file name, it would be possible to execute arbitrary code with the privileges of the user running bzgrep. As well, the bzip2 package provided with Mandriva Linux 20...
[ MDKSA-2006:026 ] - Updated bzip2 packages fix bzgrep vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:026 http://www.mandriva.com/security/ Package : bzip2 Date : January 30, 2006 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0, Multi Network Firewall 2.0 Problem Description: A bug was found in th...
Debian DSA-730-1 : bzip2 - race condition
Imran Ghory discovered a race condition in bzip2, a high-quality block-sorting file compressor and decompressor. When decompressing a file in a directory an attacker has access to, bunzip2 could be tricked to set the file permissions to a different file the user has permissions to. %NASLMINLEVEL...
bzip2 security update
CentOS Errata and Security Advisory CESA-2005:474-01 Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux ...
bzip2 security update
CentOS Errata and Security Advisory CESA-2005:474 Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux 4...
Low: Red Hat Security Advisory: bzip2 security update
Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux 4 have been created as the original erratum packages...
CVE-2005-0953
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete...
CVE-2005-0953
CVE-2005-0953 (bzip2) : A race condition in bzip2 (versions 1.0.2 and earlier) lets a local user modify the permissions of an arbitrary file during decompression via a hard-link attack on a file while it is being decompressed. This can affect files in a directory where the attacker has write acce...