cbcvebase.
CVE-2005-0953
published 2005-05-02

CVE-2005-0953: Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being…

PriorityP411low3.7CVSS 2.0
AVLACHAuNCPIPAP
EPSS
0.40%
31.9th percentile
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.

Affected

16 ranges
VendorProductVersion rangeFixed in
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2>= 0 < 1.0.2-61.0.2-6
bzipbzip2>= 0 < 1.0.2-61.0.2-6
bzipbzip2>= 0 < 1.0.2-61.0.2-6
bzipbzip2>= 0 < 1.0.2-61.0.2-6
debianbzip2< bzip2 1.0.2-6 (bookworm)bzip2 1.0.2-6 (bookworm)

CVSS provenance

nvdv2.03.7LOWAV:L/AC:H/Au:N/C:P/I:P/A:P
osv3.7LOW
vendor_debian3.7LOW
vendor_redhat3.7LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.