CVE-2011-4089
published 2014-04-16CVE-2011-4089: The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local…
PriorityP426medium4.6CVSS 2.0
AVLACLAuNCPIPAP
EXPLOIT
EPSS
1.04%
59.8th percentile
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bzip | bzip2 | <= 1.0.4 | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | >= 0 < 1.0.6-1 | 1.0.6-1 |
| bzip | bzip2 | >= 0 < 1.0.6-1 | 1.0.6-1 |
| bzip | bzip2 | >= 0 < 1.0.6-1 | 1.0.6-1 |
| bzip | bzip2 | >= 0 < 1.0.6-1 | 1.0.6-1 |
| debian | bzip2 | < bzip2 1.0.6-1 (bookworm) | bzip2 1.0.6-1 (bookworm) |
CVSS provenance
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv4.6MEDIUM
vendor_debian4.6LOW
vendor_redhat4.6MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
bzip2 vulnerability
vendor_ubuntu·2011-12-14
CVE-2011-4089 bzip2 vulnerability
Title: bzip2 vulnerability
Summary: Executables compressed by bzexe could be made to run programs as your
login.
vladz discovered that executables compressed by bzexe insecurely create
temporary files when they are ran. A local attacker could exploit this issue to
execute arbitrary code as the user running a compressed executable.
Instructions: In general, a standard system update will make all the necessary changes to
the bzexe utility. If you have previously used bzexe to compress any
executables, they need to be recompressed using the updated version.
Debian
CVE-2011-4089: bzip2 - The bzexe command in bzip2 1.0.5 and earlier generates compressed executables th...
vendor_debian·2011·CVSS 4.6
CVE-2011-4089 [MEDIUM] CVE-2011-4089: bzip2 - The bzexe command in bzip2 1.0.5 and earlier generates compressed executables th...
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
Scope: local
bookworm: resolved (fixed in 1.0.6-1)
bullseye: resolved (fixed in 1.0.6-1)
forky: resolved (fixed in 1.0.6-1)
sid: resolved (fixed in 1.0.6-1)
trixie: resolved (fixed in 1.0.6-1)
Red Hat
CVE-2011-4089: The bzexe command in bzip2 1
vendor_redhat·CVSS 4.6
CVE-2011-4089 [MEDIUM] CVE-2011-4089: The bzexe command in bzip2 1
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
Statement: Not vulnerable. This issue did not affect the versions of bzip2 as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include the bzexe executable.
GHSA
GHSA-f3fh-cjxj-26mw: The bzexe command in bzip2 1
ghsa_unreviewed·2022-05-17
CVE-2011-4089 [MEDIUM] GHSA-f3fh-cjxj-26mw: The bzexe command in bzip2 1
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
OSV
CVE-2011-4089: The bzexe command in bzip2 1
osv·2014-04-16·CVSS 4.6
CVE-2011-4089 [MEDIUM] CVE-2011-4089: The bzexe command in bzip2 1
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
No detection rules found.
No writeups or analysis indexed.
http://seclists.org/fulldisclosure/2011/Oct/804http://www.exploit-db.com/exploits/18147http://www.openwall.com/lists/oss-security/2011/10/28/16http://www.ubuntu.com/usn/USN-1308-1https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862http://seclists.org/fulldisclosure/2011/Oct/804http://www.exploit-db.com/exploits/18147http://www.openwall.com/lists/oss-security/2011/10/28/16http://www.ubuntu.com/usn/USN-1308-1https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862
2014-04-16
Published