Upstream information
Description
The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.
NVD | |
---|---|
Base Score | 2.1 |
Vector | AV:L/AC:L/Au:N/C:N/I:P/A:N |
Access Vector | Local |
Access Complexity | Low |
Authentication | None |
Confidentiality Impact | None |
Integrity Impact | Partial |
Availability Impact | None |
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 01:58:25 2013CVE page last modified: Mon Sep 9 16:17:02 2024