ID CVE-2005-2475
Summary Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
References
Vulnerable Configurations
  • cpe:2.3:a:info-zip:unzip:5.52:*:*:*:*:*:*:*
    cpe:2.3:a:info-zip:unzip:5.52:*:*:*:*:*:*:*
CVSS
Base: 1.2 (as of 11-10-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:L/AC:H/Au:N/C:P/I:N/A:N
oval via4
accepted 2013-04-29T04:23:48.927-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
family unix
id oval:org.mitre.oval:def:9975
status accepted
submitted 2010-07-09T03:56:16-04:00
title Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
version 23
redhat via4
advisories
rhsa
id RHSA-2007:0203
rpms
  • unzip-0:5.50-35.EL3
  • unzip-0:5.51-9.EL4.5
refmap via4
bid 14450
bugtraq 20050801 unzip TOCTOU file-permissions vulnerability
confirm http://www.info-zip.org/FAQ.html
debian DSA-903
mandriva MDKSA-2005:197
osvdb 18530
sco SCOSA-2005.39
secunia
  • 16309
  • 16985
  • 17006
  • 17045
  • 17342
  • 17653
  • 25098
sreason 32
trustix 2005-0053
ubuntu USN-191-1
statements via4
contributor Mark J Cox
lastmodified 2007-09-05
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=164927 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/ Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch. The risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 which is in maintenance mode.
Last major update 11-10-2017 - 01:30
Published 05-08-2005 - 04:00
Back to Top