Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-2991HistorySep 20, 2005 - 8:03 p.m.
CVE-2005-2991
2005-09-2020:03:00
Debian Security Bug Tracker
security-tracker.debian.org
11
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
EPSS
0
Percentile
5.1%
ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ncompress | < 4.2.4.6-6 | ncompress_4.2.4.6-6_all.deb |
| Debian | 11 | all | ncompress | < 4.2.4.6-4 | ncompress_4.2.4.6-4_all.deb |
| Debian | 999 | all | ncompress | < 5.0-2 | ncompress_5.0-2_all.deb |
| Debian | 13 | all | ncompress | < 5.0-2 | ncompress_5.0-2_all.deb |
Related
ubuntucve
ubuntucve
CVE-2005-2991
2005-09-20 00:00:00
CVE-2004-0970
2005-02-09 00:00:00
cvelist
cvelist
CVE-2005-2991
2005-09-20 04:00:00
CVE-2004-0970
2004-10-20 04:00:00
nvd
nvd
CVE-2005-2991
2005-09-20 20:03:00
CVE-2004-0970
2005-02-09 05:00:00
redhatcve
redhatcve
CVE-2005-2991
2015-10-30 10:31:16
cve
cve
CVE-2005-2991
2005-09-20 20:03:00
CVE-2004-0970
2005-02-09 05:00:00
openvas
openvas
Debian: Security Advisory (DSA-588-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 588-1 (gzip)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 588-1] New gzip packages fix insecure temporary files
2004-11-08 15:35:12
[SECURITY] [DSA 588-1] New gzip packages fix insecure temporary files
2004-11-08 15:35:12
securityvulns
securityvulns
[VulnWatch] ncompress insecure temporary file creation
2005-09-16 00:00:00
nessus
nessus
Debian DSA-588-1 : gzip - insecure temporary files
2004-11-10 00:00:00
Mandrake Linux Security Advisory : gzip (MDKSA-2004:142)
2004-12-07 00:00:00
osv
osv
gzip - insecure temporary files
2004-11-08 00:00:00
debiancve
debiancve
CVE-2004-0970
2005-02-09 05:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
EPSS
0
Percentile
5.1%
Related for DEBIANCVE:CVE-2005-2991