PT-2005-1789 · Gnu+1 · Gzip+1

Sune Kloppenborg Jeppesen

·

Publicado

2005-05-13

·

Atualizado

2019-10-16

·

CVE-2005-0758

CVSS v2.0

4.6

Média

VetorAV:L/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions gzip versions prior to 1.3.5
Description The issue allows local users to execute arbitrary commands via filenames that are injected into a sed script, due to improper sanitization of arguments by zgrep in gzip.
Recommendations For versions prior to 1.3.5, update to version 1.3.5 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-0758
RHSA-2005:357
RHSA-2005:474
RHSA-2005_357
RHSA-2005_474

Produtos afetados

Red Hat
Gzip