DOCUMENTATION

Views

Search

Toolbox

Advisories:rPSA-2006-0170

From rPath Wiki

Jump to: navigation, search

rPath Security Advisory 2006-0170-1

Published: 2006-09-19

Products

rPath Linux 1

Rating

Major

Exposure Level Classification

Indirect User Deterministic Unauthorized Access

Updated Versions

gzip=conary.rpath.com@rpl:1/1.3.5-4-0.1

rPath Issue Tracking System

RPL-615

References

Description

Previous versions of the gzip package contain multiple vulnerabilities

that enable user-complicit unauthorized access when a user attempts to

gunzip intentionally malformed gzip files. Some network services will

automatically run the gunzip program in some contexts, which may then

enable direct unauthorized access to the user account that provides

the network service.

Copyright 2006 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html

Retrieved from "http://wiki.rpath.com/wiki/Advisories:rPSA-2006-0170"

Categories: Support Issue | Advisories