The MITRE CVE dictionary describes this issue as:
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Red Hat security errata
|Red Hat Enterprise Linux version 2.1 (gzip)||RHSA-2005:357||June 13, 2005|
|Red Hat Enterprise Linux version 3 (gzip)||RHSA-2005:357||June 13, 2005|
|Red Hat Enterprise Linux version 4 (gzip)||RHSA-2005:357||June 13, 2005|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.