Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-158-1
HistoryAug 01, 2005 - 12:00 a.m.

gzip utility vulnerability

2005-08-0100:00:00
ubuntu.com
29

6.5 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.2%

JSON

Releases

  • Ubuntu 5.04
  • Ubuntu 4.10

Details

zgrep did not handle shell metacharacters like ‘|’ and ‘&’ properly
when they occurred in input file names. This could be exploited to
execute arbitrary commands with user privileges if zgrep is run in an
untrusted directory with specially crafted file names.

OSVersionArchitecturePackageVersionFilename
Ubuntu5.04noarchgzip< *UNKNOWN
Ubuntu4.10noarchgzip< *UNKNOWN

Related

nessus 12
ubuntu 1
securityvulns 2
debiancve 1
ubuntucve 1
cve 1
altlinux 2
redhat 2
centos 4
gentoo 1
openvas 4
f5 2
slackware 1
seebug 1
nessus
nessus
Ubuntu 4.10 / 5.04 : gzip vulnerability (USN-158-1)
2006-01-15 00:00:00
Ubuntu 4.10 / 5.04 : bzip2 vulnerability (USN-161-1)
2006-01-15 00:00:00
Mandrake Linux Security Advisory : gzip (MDKSA-2006:027)
2006-02-01 00:00:00
ubuntu
ubuntu
bzip2 utility vulnerability
2005-08-05 00:00:00
securityvulns
securityvulns
[ MDKSA-2006:027 ] - Updated gzip packages fix zgrep vulnerabilities
2006-01-31 00:00:00
[ MDKSA-2006:026 ] - Updated bzip2 packages fix bzgrep vulnerabilities
2006-01-31 00:00:00
debiancve
debiancve
CVE-2005-0758
2005-05-13 04:00:00
ubuntucve
ubuntucve
CVE-2005-0758
2005-05-13 00:00:00
cve
cve
CVE-2005-0758
2005-05-13 04:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package gzip version 1.3.5-alt1
2005-05-19 00:00:00
Security fix for the ALT Linux 9 package gzip version 1.3.5-alt1
2005-05-19 00:00:00
redhat
redhat
(RHSA-2005:474) bzip2 security update
2005-06-16 00:00:00
(RHSA-2005:357) gzip security update
2005-06-13 00:00:00
centos
centos
gzip security update
2005-06-13 15:16:31
bzip2 security update
2005-06-16 21:06:50
gzip security update
2005-06-13 22:49:43
gentoo
gentoo
gzip: Multiple vulnerabilities
2005-05-09 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200505-05 (gzip)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200505-05 (gzip)
2008-09-24 00:00:00
Slackware: Security Advisory (SSA:2006-262-01)
2012-09-10 00:00:00
f5
f5
gzip vulnerabilities CAN-2005-0758, CAN-2005-0988, and CAN-2005-1228
2005-07-19 04:00:00
SOL4532 - gzip vulnerabilities CAN-2005-0758, CAN-2005-0988, and CAN-2005-1228
2005-07-18 00:00:00
slackware
slackware
[slackware-security] gzip
2006-09-19 21:15:29
seebug
seebug
Mac OS X 2007-007更新修复多个安全漏洞
2007-08-02 00:00:00

6.5 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.2%

JSON
Related for USN-158-1
nessus12ubuntu1securityvulns2debiancve1ubuntucve1cve1altlinux2redhat2centos4gentoo1openvas4f52slackware1seebug1