Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0367

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2003-0367
Last Modified 10 Sep 2008 03:18:46
Published 02 Jul 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0367

Summary

znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Vulnerable Systems

Operating System

  • Mandrakesoft Mandrake Linux 8.2

  • Mandrakesoft Mandrake Linux 9.0

  • Mandrakesoft Mandrake Linux 9.1

  • Mandrakesoft Mandrake Linux Corporate Server 2.1

  • Turbolinux Advanced Server 6.0

  • Turbolinux Server 6.1

  • Turbolinux Server 6.5

  • Turbolinux Server 7.0

  • Turbolinux Server 8.0

  • Turbolinux Workstation 6.0

  • Turbolinux Workstation 7.0

  • Turbolinux Workstation 8.0

Application

  • Mandrakesoft Mandrake Multi Network Firewall 8.2

  • Openpkg 1.3.3 1.1.0

  • Openpkg 1.3.5

  • Openpkg 1.3.5 1.2.0


References

TURBO - TLSA-2003-38

CONFIRM - http://www.openpkg.org/security/OpenPKG-SA-2003.031-gzip.html

DEBIAN - DSA-308

BID - 7872

MANDRAKE - MDKSA-2003:068


Last Updated: 27 May 2016 10:37:52