bzip2 Archive Inherited Symbolic Link Permissions Vulnerability

Bugtraq ID: 4776
Class: Design Error
CVE:
Remote: No
Local: Yes
Published: May 20 2002 12:00AM
Updated: May 20 2002 12:00AM
Credit: Discovery of this issue is credited to Volker Schmidt and Philippe Troin.
Vulnerable: bzip2 bzip2 1.0.1
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- Trustix Secure Linux 1.5
- Trustix Secure Linux 1.2
- Trustix Secure Linux 1.1
bzip2 bzip2 1.0
bzip2 bzip2 0.9.5 d
bzip2 bzip2 0.9.5 c
bzip2 bzip2 0.9.5 b
bzip2 bzip2 0.9.5 a
bzip2 bzip2 0.9 c
bzip2 bzip2 0.9 b
bzip2 bzip2 0.9 a
bzip2 bzip2 0.9
Not Vulnerable: bzip2 bzip2 1.0.2
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0
+ Debian Linux 3.0
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.4
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
 + Ubuntu Ubuntu Linux 5.0 4 powerpc
 + Ubuntu Ubuntu Linux 5.0 4 i386
 + Ubuntu Ubuntu Linux 5.0 4 i386
 + Ubuntu Ubuntu Linux 5.0 4 amd64
 + Ubuntu Ubuntu Linux 5.0 4 amd64
 + Ubuntu Ubuntu Linux 4.1 ppc
 + Ubuntu Ubuntu Linux 4.1 ppc
 + Ubuntu Ubuntu Linux 4.1 ia64
 + Ubuntu Ubuntu Linux 4.1 ia64
 + Ubuntu Ubuntu Linux 4.1 ia32
 + Ubuntu Ubuntu Linux 4.1 ia32


 

Privacy Statement
Copyright 2010, SecurityFocus