bzip2 Insecure Decompressed File Permissions Vulnerability

bzip2 is an open-source file compression/decompression utility for Unix and Linux variants.

bzip2 is prone to a race condition which may cause files to decompress with world-readable permissions.

This vulnerability may potentially expose sensitive files to other local users.


 

Privacy Statement
Copyright 2010, SecurityFocus