CVE-2005-0988

Current Description

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.

Basic Data

Published	May 02, 2005
Last Modified	October 11, 2017
Assigner	cve@mitre.org
Data Type	CVE
Data Format	MITRE
Data Version	4.0
Problem Type	NVD-CWE-Other
CVE Data Version	4.0

Base Metric V2

CVSS 2 - Version	2.0
CVSS 2 - Vector String	AV:L/AC:H/Au:N/C:P/I:P/A:P
CVSS 2 - Access Vector	LOCAL
CVSS 2 - Access Complexity	HIGH
CVSS 2 - Authentication	NONE
CVSS 2 - Confidentiality Impact	PARTIAL
CVSS 2 - Availability Impact	PARTIAL
CVSS 2 - Base Score	3.7
Severity	LOW
Exploitability Score	1.9
Impact Score	6.4
Obtain All Privilege	false
Obtain User Privilege	false
Obtain Other Privilege	false

Base Metric V3

No data provided.

Configurations

OR - Configuration 1

Cpe Version	Part	Vendor	Product	Version	Update	Edition	Language	SW Edition	Target SW	Target HW	Other
2.3	Application	Gnu	Gzip	1.2.4	*	*	*	*	*	*	*
2.3	Application	Gnu	Gzip	1.2.4a	*	*	*	*	*	*	*
2.3	Application	Gnu	Gzip	1.3.3	*	*	*	*	*	*	*

OR - Configuration 2

Cpe Version	Part	Vendor	Product	Version	Update	Edition	Language	SW Edition	Target SW	Target HW	Other
2.3	OS	Freebsd	Freebsd	4.0	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.0	alpha	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.0	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.1	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.1.1	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.1.1	release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.1.1	stable	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.2	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.2	stable	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.3	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.3	release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.3	release_p38	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.3	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.3	stable	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.4	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.4	release_p42	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.4	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.4	stable	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.5	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.5	release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.5	release_p32	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.5	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.5	stable	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.6	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.6	release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.6	release_p20	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.6	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.6	stable	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.6.2	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.7	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.7	release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.7	release_p17	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.7	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.7	stable	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.8	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.8	pre-release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.8	release_p6	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.8	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.9	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.9	pre-release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.9	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.10	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.10	release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.10	release_p8	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.10	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.11	release_p3	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.11	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	4.11	stable	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.0	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.0	alpha	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.0	release_p14	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.0	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.1	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.1	alpha	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.1	release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.1	release_p5	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.1	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.2	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.2.1	release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.2.1	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.3	*	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.3	release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.3	releng	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.3	stable	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.4	pre-release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.4	release	*	*	*	*	*	*
2.3	OS	Freebsd	Freebsd	5.4	releng	*	*	*	*	*	*
2.3	OS	Gentoo	Linux	*	*	*	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	2.1	*	advanced_server	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	2.1	*	advanced_server_ia64	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	2.1	*	enterprise_server	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	2.1	*	enterprise_server_ia64	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	2.1	*	workstation	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	2.1	*	workstation_ia64	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	3.0	*	advanced_server	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	3.0	*	enterprise_server	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	3.0	*	workstation_server	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	4.0	*	advanced_server	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	4.0	*	enterprise_server	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux	4.0	*	workstation	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux Desktop	3.0	*	*	*	*	*	*	*
2.3	OS	Redhat	Enterprise Linux Desktop	4.0	*	*	*	*	*	*	*
2.3	OS	Redhat	Linux Advanced Workstation	2.1	*	ia64	*	*	*	*	*
2.3	OS	Redhat	Linux Advanced Workstation	2.1	*	itanium_processor	*	*	*	*	*
2.3	OS	Trustix	Secure Linux	2.0	*	*	*	*	*	*	*
2.3	OS	Trustix	Secure Linux	2.1	*	*	*	*	*	*	*
2.3	OS	Trustix	Secure Linux	2.2	*	*	*	*	*	*	*
2.3	OS	Turbolinux	Turbolinux Appliance Server	1.0_hosting	*	*	*	*	*	*	*
2.3	OS	Turbolinux	Turbolinux Appliance Server	1.0_workgroup	*	*	*	*	*	*	*
2.3	OS	Turbolinux	Turbolinux Desktop	10.0	*	*	*	*	*	*	*
2.3	OS	Turbolinux	Turbolinux Home	*	*	*	*	*	*	*	*
2.3	OS	Turbolinux	Turbolinux Server	7.0	*	*	*	*	*	*	*
2.3	OS	Turbolinux	Turbolinux Server	8.0	*	*	*	*	*	*	*
2.3	OS	Turbolinux	Turbolinux Server	10.0	*	*	*	*	*	*	*
2.3	OS	Turbolinux	Turbolinux Workstation	7.0	*	*	*	*	*	*	*
2.3	OS	Turbolinux	Turbolinux Workstation	8.0	*	*	*	*	*	*	*
2.3	OS	Ubuntu	Ubuntu Linux	4.1	*	ia64	*	*	*	*	*
2.3	OS	Ubuntu	Ubuntu Linux	4.1	*	ppc	*	*	*	*	*
2.3	OS	Ubuntu	Ubuntu Linux	5.04	*	amd64	*	*	*	*	*
2.3	OS	Ubuntu	Ubuntu Linux	5.04	*	i386	*	*	*	*	*
2.3	OS	Ubuntu	Ubuntu Linux	5.04	*	powerpc	*	*	*	*	*

Vulnerable Software List

Vendor	Product	Versions
Freebsd	Freebsd	4.0, 4.1, 4.1.1, 4.10, 4.11, 4.2, 4.3, 4.4, 4.5, 4.6, 4.6.2, 4.7, 4.8, 4.9, 5.0, 5.1, 5.2, 5.2.1, 5.3, 5.4
Redhat	Enterprise Linux	2.1, 3.0, 4.0
Redhat	Enterprise Linux Desktop	3.0, 4.0
Redhat	Linux Advanced Workstation	2.1
Ubuntu	Ubuntu Linux	4.1, 5.04
Turbolinux	Turbolinux Desktop	10.0
Turbolinux	Turbolinux Server	10.0, 7.0, 8.0
Turbolinux	Turbolinux Workstation	7.0, 8.0
Turbolinux	Turbolinux Home	*
Turbolinux	Turbolinux Appliance Server	1.0_hosting, 1.0_workgroup
Gnu	Gzip	1.2.4, 1.2.4a, 1.3.3
Trustix	Secure Linux	2.0, 2.1, 2.2
Gentoo	Linux	*

References

Name	Source	URL	Tags
SCOSA-2005.58	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt	SCO
APPLE-SA-2006-08-01	http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html	APPLE
RHSA-2005:357	http://rhn.redhat.com/errata/RHSA-2005-357.html	REDHAT
18100	http://secunia.com/advisories/18100	SECUNIA
21253	http://secunia.com/advisories/21253	SECUNIA
22033	http://secunia.com/advisories/22033	SECUNIA
SSA:2006-262	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852	SLACKWARE
101816	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1	SUNALERT
DSA-752	http://www.debian.org/security/2005/dsa-752	DEBIAN
15487	http://www.osvdb.org/15487	OSVDB
20050404 gzip TOCTOU file-permissions vulnerability	http://www.securityfocus.com/archive/1/394965	BUGTRAQ	Vendor Advisory
12996	http://www.securityfocus.com/bid/12996	BID	Patch
19289	http://www.securityfocus.com/bid/19289	BID
TA06-214A	http://www.us-cert.gov/cas/techalerts/TA06-214A.html	CERT	US Government Resource
ADV-2006-3101	http://www.vupen.com/english/advisories/2006/3101	VUPEN
oval:org.mitre.oval:def:10242	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10242	OVAL
oval:org.mitre.oval:def:1169	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1169	OVAL
oval:org.mitre.oval:def:765	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A765	OVAL