BugTraq
Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
Re: gzip TOCTOU file-permissions vulnerability
Apr 13 2005 03:00PM
Peter J. Holzer (hjp wsr ac at)
On 2005-04-12 13:47:01 +0200, Martin Pitt wrote:
> Imran Ghory [2005-04-04 20:57 +0100]:
> > Vulnerable software
> > ====================
> >
> > gzip 1.2.4 and 1.3.3 and previous versions running on unix.
> >
> > Vulnerability
> > ==============
> >
> > If a malicious local user has write access...
[ more ]
Privacy Statement
Copyright 2010, SecurityFocus
> Imran Ghory [2005-04-04 20:57 +0100]:
> > Vulnerable software
> > ====================
> >
> > gzip 1.2.4 and 1.3.3 and previous versions running on unix.
> >
> > Vulnerability
> > ==============
> >
> > If a malicious local user has write access...
[ more ]