znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
References
| Link | Resource |
|---|---|
| http://www.debian.org/security/2003/dsa-308 | Patch Third Party Advisory |
| http://www.mandriva.com/security/advisories?name=MDKSA-2003:068 | Third Party Advisory |
| http://www.openpkg.org/security/OpenPKG-SA-2003.031-gzip.html | Patch Vendor Advisory |
| http://www.securityfocus.com/bid/7872 | Third Party Advisory VDB Entry |
| http://www.turbolinux.com/security/TLSA-2003-38.txt | Patch Third Party Advisory |
| http://www.debian.org/security/2003/dsa-308 | Patch Third Party Advisory |
| http://www.mandriva.com/security/advisories?name=MDKSA-2003:068 | Third Party Advisory |
| http://www.openpkg.org/security/OpenPKG-SA-2003.031-gzip.html | Patch Vendor Advisory |
| http://www.securityfocus.com/bid/7872 | Third Party Advisory VDB Entry |
| http://www.turbolinux.com/security/TLSA-2003-38.txt | Patch Third Party Advisory |
Configurations
History
20 Nov 2024, 23:44
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://www.debian.org/security/2003/dsa-308 - Patch, Third Party Advisory | |
| References | () http://www.mandriva.com/security/advisories?name=MDKSA-2003:068 - Third Party Advisory | |
| References | () http://www.openpkg.org/security/OpenPKG-SA-2003.031-gzip.html - Patch, Vendor Advisory | |
| References | () http://www.securityfocus.com/bid/7872 - Third Party Advisory, VDB Entry | |
| References | () http://www.turbolinux.com/security/TLSA-2003-38.txt - Patch, Third Party Advisory |
Information
Published : 2003-07-02 04:00
Updated : 2025-04-03 01:03
NVD link : CVE-2003-0367
Mitre link : CVE-2003-0367
CVE.ORG link : CVE-2003-0367
JSON object : View
Products Affected
debian
- debian_linux
gnu
- gzip
CWE
CWE-20
Improper Input Validation