13 matches found
Gentoo Security Advisory GLSA 200505-05 (gzip)
The remote host is missing updates announced in advisory GLSA 200505-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD Ports: gzip
The remote host is missing an update to the system as announced in the referenced advisory. VID 63bd4bad-dffe-11d9-b875-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: gzip
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : gzip (SSA:2006-262-01)
New gzip packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix possible security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2006-262-01. The...
[slackware-security] gzip
New gzip packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix possible security issues. More details about the issues fixed may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2005-0758...
CentOS 3 / 4 : gzip (CESA-2005:357)
An updated gzip package is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The gzip package contains the GNU gzip data compression program. A bug was found in the way zgrep processes file names. If a user can be tricked into running...
[SECURITY] [DSA 752-1] New gzip packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 752-1 [email protected] http://www.debian.org/security/ Martin Schulze July 11th, 2005 http://www.debian.org/security/faq -...
gzip security update
CentOS Errata and Security Advisory CESA-2005:357-01 An updated gzip package is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The gzip package contains the GNU gzip data compression program. A bug was found in the way zgrep processe...
gzip security update
CentOS Errata and Security Advisory CESA-2005:357 An updated gzip package is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The gzip package contains the GNU gzip data compression program. A bug was found in the way zgrep processes...
FreeBSD-SA-05:11.gzip
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:11.gzip Security Advisory The FreeBSD Project Topic: gzip directory traversal and permission race vulnerabilities Category: contrib Module: gzip Announced:...
Mandrake Linux Security Advisory : gzip (MDKSA-2005:092)
Several vulnerabilities have been discovered in the gzip package : Zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script. CVE-2005-0758 A race condition in gzip 1.2.4, 1.3.3, and...
CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete...
CVE-2005-0988
CVE-2005-0988 describes a race condition in gzip prior to 1.3.5 that affects permission handling during decompression. Specifically, when decompressing a file, a local attacker could exploit a hard-link or timing issue to change the permissions of an arbitrary file (or overwrite it) in the target...