Vulnerabilities

CVE-2002-0760

by Fred · 02/04/2003

Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed.

Date published : 2003-04-02

http://www.securityfocus.com/bid/4775

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-039.0.txt

Similar

Tags: Cybersecurity Alert