Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: gzip TOCTOU file-permissions vulnerability Apr 12 2005 11:47AM
Martin Pitt (martin pitt canonical com)
Hi Imran!

Imran Ghory [2005-04-04 20:57 +0100]:
> Vulnerable software
> ====================
>
> gzip 1.2.4 and 1.3.3 and previous versions running on unix.
>
> Vulnerability
> ==============
>
> If a malicious local user has write access to a directory in which a
> target user is using gzip to ...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus