Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1332

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-1999-1332
Last Modified 05 Sep 2008 04:19:16
Published 31 Dec 1999 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-1332

Summary

gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.

Vulnerable Systems

Operating System

  • Redhat Linux 5.0


References

CONFIRM - http://www.redhat.com/support/errata/rh50-errata-general.html#gzip

BUGTRAQ - 19980128 GZEXE - the big problem

BID - 7845

OSVDB - 3812

XF - gzip-gzexe-tmp-symlink(7241)

DEBIAN - DSA-308


Last Updated: 27 May 2016 10:35:23