发布时间 :1999-12-31 00:00:00
修订时间 :2016-10-17 22:03:00

[原文]gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.

[CNNVD]GNU gzexe暂时文件漏洞(CNNVD-199912-114)

        Red Hat Linux 5.0 及之前版本中的压缩包存在gzexe暂时文件漏洞。本地用户可以通过向暂时文件的符号连接攻击来重写其他用户的文件。

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BUGTRAQ  19980128 GZEXE - the big problem
(UNKNOWN)  XF  gzip-gzexe-tmp-symlink(7241)
(UNKNOWN)  BID  7845

- 漏洞信息

GNU gzexe暂时文件漏洞
低危 未知
1999-12-31 00:00:00 2005-05-02 00:00:00
        Red Hat Linux 5.0 及之前版本中的压缩包存在gzexe暂时文件漏洞。本地用户可以通过向暂时文件的符号连接攻击来重写其他用户的文件。

- 公告与补丁

        Debian has issued upgrades that will eliminate the vulnerability in Debian packages. See DSA-308-1 (in the reference section) for URLs.
        SGI has released advisory 20040104-01-P to address this issue.
        Patch 5424 will be released for IRIX versions later than 6.5.17.
        Users should upgrade to one of these versions and then apply the
        patch when it is available. Further details can be found in the
        attached advisory.
        GNU gzip 1.2.4
        GNU gzip 1.3.2

- 漏洞信息

gzip gzexe Insecure Temp File Creation
Local Access Required Race Condition
Loss of Integrity
Exploit Public

- 漏洞描述

gzip contains a flaw that may allow a malicious user to overwrite arbitrary files. The issue is triggered when the gzexe script creates temp files insecurely. It is possible that the flaw may allow arbitrary file overwriting resulting in a loss of integrity.

- 时间线

1998-01-28 Unknow
1998-01-28 Unknow

- 解决方案

Currently, there are no known workarounds to correct this issue. However, SGI has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者