DescriptionRace condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
Note from the SUSE Security TeamThis issue was fixed for SUSE Linux Enterprise Server 11 and newer products. Older products are affected, but will not receive fixes due to the low severity of this problem. SUSE Bugzilla entry: 274156 [RESOLVED / FIXED] No SUSE Security Announcements cross referenced.
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Linux Enterprise Server 11 SP1|| |
|SUSE Linux Enterprise Server 11 SP2 |
SUSE Linux Enterprise Server 11 SP3
|SUSE Linux Enterprise Server 11 SP4|| |