Launchpad.net

CVE 2004-0970

The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.

Related bugs and status

CVE-2004-0970 (Candidate) is related to these bugs:

Bug #9445: insecure use of temp files by gzexe, zdiff, znew

Summary				In	Importance	Status
	9445	insecure use of temp files by gzexe, zdiff, znew		gzip (Ubuntu)	High	Invalid
	9445	insecure use of temp files by gzexe, zdiff, znew		gzip (Debian)	Unknown	Fix Released

Bug #9811: CAN-2004-0970: Insecure temporary files

Summary				In	Importance	Status
	9811	CAN-2004-0970: Insecure temporary files		gzip (Ubuntu)	High	Invalid
	9811	CAN-2004-0970: Insecure temporary files		gzip (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

DEBIAN: DSA-588
TRUSTIX: 2004-0050
BID: 11288
MISC: http://www.zataz.net/a...
SECUNIA: 13131
VULNWATCH: 20050916 ncompress ins...
XF: script-temporary-file-...