
gzip: arbitrary command execution

Package(s): gzip
CVE #(s): CAN-2005-0758
Created: August 1, 2005
Updated: January 10, 2007
Description: zgrep in gzip before 1.3.5 does not properly handle shell metacharacters such as '|' and '&' when they occur in input file names. This could be exploited to execute arbitrary commands with the user's privileges if zgrep is run in an untrusted directory containing specially crafted file names.
Alerts:
OpenPKG OpenPKG-SA-2007.002 bzip2 2007-01-08
Mandriva MDKSA-2006:027 gzip 2006-01-30
Mandriva MDKSA-2006:026 bzip2 2006-01-30
Fedora-Legacy FLSA:158801 bzip2 2005-11-14
Fedora-Legacy FLSA:157696 gzip 2005-08-10
Ubuntu USN-161-1 bzip2 2005-08-04
Ubuntu USN-158-1 gzip 2005-08-01
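
A defensive check for the condition in the description, as an added example that is not part of the original advisory or of gzip: it lists file names containing shell metacharacters so an untrusted directory can be reviewed before zgrep or bzgrep is run in it. The function names and every character in the set beyond '|' and '&' are assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory): audit a directory for file names
# that contain shell metacharacters before running wrapper scripts such as
# zgrep or bzgrep over its contents.
#
# Assumption: the advisory names only '|' and '&'; the other characters in
# the bracket expression (; < > $ and backtick) are added for this example.

# risky_names DIR
# Print the path of every regular file under DIR whose base name contains
# one of the flagged characters. find(1) matches the pattern itself, so the
# names are never re-parsed by the shell.
risky_names() {
    find "${1:-.}" -type f -name '*[|&;<>$`]*' -print
}

# dir_is_clean DIR
# Exit status 0 only when risky_names reports nothing for DIR.
dir_is_clean() {
    [ -z "$(risky_names "${1:-.}")" ]
}

# Typical use from an interactive shell or a cron wrapper:
#   dir_is_clean /srv/incoming || risky_names /srv/incoming
```

The output is line-oriented, so a file name that itself contains a newline will be split across two lines of the report.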


gzip: arbitrary command execution

Posted Aug 6, 2005 3:11 UTC (Sat) by roelofs (guest, #2599) [Link]

USN-161-1 applies to bzgrep in the bzip2 package, not gzip. Both scripts had the same problem.

Greg

gzip: arbitrary command execution

Posted Nov 17, 2005 9:56 UTC (Thu) by mjcox@redhat.com (guest, #31775) [Link]

fixed by RHSA-2005:357 on 20050713
fixed by FEDORA-2005-471 for Fedora Core 3 (FC4 wasn't affected)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.