1.2 CVE-2002-0760
Patch
Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed.
https://nvd.nist.gov/vuln/detail/CVE-2002-0760
Categories
CWE-NVD-Other
References
BID Patch
4775 Patch Vendor Advisory |
CALDERA
FREEBSD Patch
FreeBSD-SA-02:25 Patch Vendor Advisory |
XF Patch
bzip2-decompression-race-condition(9127) Patch Vendor Advisory |
CPE
cpe | start | end |
---|---|---|
Configuration 1 | ||
cpe:2.3:a:bzip:bzip2:0.9.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:bzip:bzip2:0.9.0a:*:*:*:*:*:*:* | ||
cpe:2.3:a:bzip:bzip2:0.9.0b:*:*:*:*:*:*:* | ||
cpe:2.3:a:bzip:bzip2:0.9.0c:*:*:*:*:*:*:* | ||
cpe:2.3:a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:* | ||
cpe:2.3:a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:* | ||
cpe:2.3:a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:* | ||
cpe:2.3:a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:* | ||
cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:* |
REMEDIATION
Patch
Url |
---|
4775 |
FreeBSD-SA-02:25 |
bzip2-decompression-race-condition(9127) |
EXPLOITS
Exploit-db.com
id | description | date | |
---|---|---|---|
No known exploits |
Other (github, ...)
Url |
---|
No known exploits |
CAPEC
Common Attack Pattern Enumerations and Classifications
id | description | severity |
---|---|---|
No entry |
MITRE
Sherlock® flash
Take a picture of your computer network in a few clicks !
The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.
