CVE-2005-0988

Impact:
Low
Public Date:
2005-04-04

The MITRE CVE dictionary describes this issue as:

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.

Find out more about CVE-2005-0988 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux version 3 (gzip) RHSA-2005:357 2005-06-13
Red Hat Enterprise Linux version 2.1 (gzip) RHSA-2005:357 2005-06-13
Red Hat Enterprise Linux version 4 (gzip) RHSA-2005:357 2005-06-13