Gzip Zgrep Arbitrary Command Execution Vulnerability

The 'zgrep' utility is reportedly affected by an arbitrary command-execution vulnerability.

An attacker may execute arbitrary commands through zgrep command arguments to potentially gain unauthorized access to the affected computer. Note that this issue poses a security threat only if the arguments originate from a malicious source.

This issue affects zgrep 1.2.4; other versions may be affected as well.


 

Privacy Statement
Copyright 2010, SecurityFocus