CVE-2005-0953
Published May 2, 2005
Last updated 6 years ago
Overview
- Description
- Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.7
- Impact score
- 6.4
- Exploitability score
- 1.9
- Vector string
- AV:L/AC:H/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Vendor comments
- Red HatRed Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3852E705-516A-4A5E-8095-93DCF8DB15DB"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "124E0E58-A7B3-4B3E-BEAD-76073A75A0DE"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F2C4072-C19D-45E0-9662-030F39BD2295"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_c:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1466AE9-B7E0-449C-BD25-54009833ED93"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_d:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC309293-C48A-4931-9A81-359966C6BB40"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9_a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3992967-645A-45E1-979E-6866B50AA642"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9_b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "980AE5B2-11A7-4672-B221-DF660F20667F"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9_c:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DC33019-390A-428F-B119-139CA5949AE4"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B10B3BF9-BE42-468D-89E8-8D4A5FEDC734"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E55F00B1-D48B-40A6-872F-959598D7E6E4"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB5DBC5B-C1C4-487E-B40D-8925FDA13D1E"
}
],
"operator": "OR"
}
]
}
]