PT-2014-2157 · Bzip2 · Bzip2

Vladz · Published 2014-04-16 · Updated 2014-04-17 · CVE-2011-4089

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

bzip2 versions 1.0.5 and earlier

Description

The issue arises from the bzexe command in bzip2, which generates compressed executables that do not properly handle temporary files during extraction. This allows local users to execute arbitrary code by precreating a temporary directory.

Recommendations

For bzip2 versions 1.0.5 and earlier, consider updating to a version later than 1.0.5 to resolve the issue. As a temporary workaround, restrict access to the bzexe command to minimize the risk of exploitation.
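
The description above comes down to a script trusting a temporary directory that another local user may have created first. The following is an added example, not code from bzexe or from this advisory: it contrasts a creation pattern that accepts a pre-existing directory with two that do not. The function names and the `extract.` template are hypothetical.

```shell
#!/bin/sh
# Illustrative helpers (hypothetical names); not taken from bzexe.

# Weak pattern: the caller supplies a predictable path, and 'mkdir -p'
# succeeds even when someone else created that directory beforehand.
unsafe_workdir() {
    mkdir -p "$1" || return 1
    printf '%s\n' "$1"
}

# Hardened: mktemp -d picks an unpredictable name and creates the directory
# atomically with mode 0700. Check the result anyway before extracting into it.
safe_workdir() {
    d=$(mktemp -d "${TMPDIR:-/tmp}/extract.XXXXXXXXXX") || return 1
    if [ -L "$d" ] || [ ! -d "$d" ] || [ ! -O "$d" ]; then
        return 1
    fi
    printf '%s\n' "$d"
}

# Where a fixed path is unavoidable: plain mkdir (no -p) fails if the path
# already exists, so a pre-created directory is rejected instead of reused.
strict_workdir() {
    ( umask 077 && mkdir "$1" ) 2>/dev/null || return 1
    printf '%s\n' "$1"
}
```

A wrapper script that extracts and then executes a payload should abort when `safe_workdir` or `strict_workdir` returns non-zero rather than fall back to a shared location.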

Related Identifiers

CVE-2011-4089

Affected Products

Bzip2