|
|
CPIO Archiver Local Insecure File Creation Vulnerability
|
Bugtraq ID:
|
12404
|
|
Class:
|
Design Error
|
|
CVE:
|
CVE-1999-1572
|
|
Remote:
|
No
|
|
Local:
|
Yes
|
|
Published:
|
Jul 16 1996 12:00AM
|
|
Updated:
|
Jul 12 2009 10:06AM
|
|
Credit:
|
Georg-W. Koltermann is credited with the discovery of this issue.
|
|
Vulnerable:
|
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Turbolinux Turbolinux Server 10.0
Trustix Secure Linux 2.2
Trustix Secure Linux 2.1
Trustix Secure Linux 1.5
Trustix Secure Enterprise Linux 2.0
SGI Advanced Linux Environment 3.0
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
GNU cpio 1.2
GNU cpio 1.1
GNU cpio 1.0
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Conectiva Linux 10.0
Avaya Integrated Management 2.1
Avaya Integrated Management
Avaya CVLAN
|
|
|
|
Not Vulnerable:
|
GNU cpio 2.6
+
Gentoo Linux
+
MandrakeSoft Linux Mandrake 2006.0 x86_64
+
MandrakeSoft Linux Mandrake 2006.0
+
MandrakeSoft Linux Mandrake 10.2 x86_64
+
MandrakeSoft Linux Mandrake 10.2
GNU cpio 2.5.90
GNU cpio 2.5
+
Debian Linux 3.1
+
MandrakeSoft Corporate Server 3.0 x86_64
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 2.1 x86_64
+
MandrakeSoft Corporate Server 2.1
+
MandrakeSoft Linux Mandrake 10.1 x86_64
+
MandrakeSoft Linux Mandrake 10.1
+
MandrakeSoft Linux Mandrake 10.0 AMD64
+
MandrakeSoft Linux Mandrake 10.0
+
MandrakeSoft Linux Mandrake 9.2 amd64
+
MandrakeSoft Linux Mandrake 9.2
+
MandrakeSoft Linux Mandrake 9.1 ppc
+
MandrakeSoft Linux Mandrake 9.1
+
Ubuntu Ubuntu Linux 5.10 powerpc
+
Ubuntu Ubuntu Linux 5.10 i386
+
Ubuntu Ubuntu Linux 5.10 amd64
+
Ubuntu Ubuntu Linux 5.0 4 powerpc
+
Ubuntu Ubuntu Linux 5.0 4 i386
+
Ubuntu Ubuntu Linux 5.0 4 amd64
+
Ubuntu Ubuntu Linux 4.1 ppc
+
Ubuntu Ubuntu Linux 4.1 ia64
+
Ubuntu Ubuntu Linux 4.1 ia32
GNU cpio 2.4.2
+
Debian Linux 3.0 sparc
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 alpha
+
Debian Linux 3.0
GNU cpio 1.3
|
|
|
