CVE-1999-1332 — Redhat Linux vulnerability

7 documents7 sources

Severity

2.1LOWNVD

EPSS

0.2%

top 63.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gzip Redhat Linux

Timeline

PublishedDec 31

Latest updateApr 30

Description

gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

▶Debiangzip/gzip< 1.3.5-6+3

▶NVDredhat/linux5.0

🔴Vulnerability Details

GHSA

GHSA-f955-6xjg-749h: gzexe in the gzip package on Red Hat Linux 5↗2022-04-30

▶

CVEList

CVE-1999-1332: gzexe in the gzip package on Red Hat Linux 5↗2002-03-09

▶

OSV

CVE-1999-1332: gzexe in the gzip package on Red Hat Linux 5↗1999-12-31

▶

📋Vendor Advisories

Debian

CVE-1999-1332: gzip - gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to...↗1999

▶

Red Hat

CVE-2004-0603: gzexe in gzip 1↗

▶

💬Community

Bugzilla

CAN-2003-0367 tmpfile symlink race in znew↗2003-06-13

▶