ID CVE-2005-0758
Summary zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:gzip:-:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gzip:-:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gzip:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gzip:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gzip:1.2.4a:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gzip:1.2.4a:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gzip:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gzip:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gzip:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gzip:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gzip:1.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gzip:1.3.4:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 16-10-2019 - 20:01)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2005-09-21T01:33:00.000-04:00
    class vulnerability
    contributors
    name Jay Beale
    organization Bastille Linux
    description zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
    family unix
    id oval:org.mitre.oval:def:1081
    status accepted
    submitted 2005-07-11T12:00:00.000-04:00
    title gzip Argument Sanitation Vulnerability
    version 4
  • accepted 2005-08-18T07:37:00.000-04:00
    class vulnerability
    contributors
    name Jay Beale
    organization Bastille Linux
    description zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
    family unix
    id oval:org.mitre.oval:def:1107
    status accepted
    submitted 2005-06-20T12:00:00.000-04:00
    title gzip zgrep Sanitation Vulnerability
    version 4
  • accepted 2013-04-29T04:22:19.557-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    description zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
    family unix
    id oval:org.mitre.oval:def:9797
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
    version 23
redhat via4
advisories
  • rhsa
    id RHSA-2005:357
  • rhsa
    id RHSA-2005:474
refmap via4
apple APPLE-SA-2007-07-31
bid
  • 13582
  • 25159
confirm http://docs.info.apple.com/article.html?artnum=306172
fedora FLSA:158801
gentoo GLSA-200505-05
mandriva
  • MDKSA-2006:026
  • MDKSA-2006:027
misc http://bugs.gentoo.org/show_bug.cgi?id=90626
openpkg OpenPKG-SA-2007.002
osvdb 16371
sco SCOSA-2005.58
sectrack 1013928
secunia
  • 18100
  • 19183
  • 22033
  • 26235
sgi 20060301-01-U
slackware SSA:2006-262
ubuntu USN-158-1
vupen ADV-2007-2732
xf gzip-zgrep-file-installation(20539)
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 16-10-2019 - 20:01
Published 13-05-2005 - 04:00
Back to Top