[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256288

 
 

909

 
 

199146

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-1228Date: (C)2005-05-02   (M)2023-12-22


Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
SUNALERT-101816
SECUNIA-15047
OSVDB-15721
SECUNIA-18100
BID-19289
http://marc.info/?l=bugtraq&m=111402732406477&w=2
SECUNIA-21253
SECUNIA-22033
ADV-2006-3101
APPLE-SA-2006-08-01
DSA-752
RHSA-2005:357
SCOSA-2005.58
SSA:2006-262
TA06-214A
gzip-n-directory-traversal(20199)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305255
oval:org.mitre.oval:def:11057
oval:org.mitre.oval:def:170
oval:org.mitre.oval:def:382

CPE    2
cpe:/a:gnu:gzip:1.3.3
cpe:/a:gnu:gzip:1.2.4

© SecPod Technologies