bzip2 Decompression File Overwrite Vulnerability

Bugtraq ID: 4774
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: May 20 2002 12:00AM
Updated: May 20 2002 12:00AM
Credit: Discovery of this issue is credited to Volker Schmidt and Philippe Troin.
Vulnerable: bzip2 bzip2 1.0.1
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- Trustix Secure Linux 1.5
- Trustix Secure Linux 1.2
- Trustix Secure Linux 1.1
bzip2 bzip2 1.0
bzip2 bzip2 0.9.5 d
bzip2 bzip2 0.9.5 c
bzip2 bzip2 0.9.5 b
bzip2 bzip2 0.9.5 a
bzip2 bzip2 0.9 c
bzip2 bzip2 0.9 b
bzip2 bzip2 0.9 a
bzip2 bzip2 0.9
Not Vulnerable: bzip2 bzip2 1.0.2
+ Conectiva Linux 10.0
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ Conectiva Linux 9.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Debian Linux 3.0
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.4
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
+ Ubuntu Ubuntu Linux 4.1 ia32


 

Privacy Statement
Copyright 2010, SecurityFocus