Race Condition Vulnerability in Gzip Allows Arbitrary File Permission Modification

Race Condition Vulnerability in Gzip Allows Arbitrary File Permission Modification

CVE-2005-0988 · LOW Severity

AV:L/AC:H/AU:N/C:P/I:P/A:P

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.

Learn more about our User Device Pen Test.