VDB
CVE-2005-2475
CVE-2005-2475
PUBLISHED
Reported by mitre · Published August 5, 2005
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, * |
Timeline
- Aug 5, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 25098 third-party-advisoryx_refsource_SECUNIA
- 17653 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- 2005-0053 vendor-advisoryx_refsource_TRUSTIX
- USN-191-1 vendor-advisoryx_refsource_UBUNTU
- 18530 vdb-entryx_refsource_OSVDB
- 14450 vdb-entryx_refsource_BID
- 17342 third-party-advisoryx_refsource_SECUNIA
- 16985 third-party-advisoryx_refsource_SECUNIA
- SCOSA-2005.39 vendor-advisoryx_refsource_SCO
- 20050801 unzip TOCTOU file-permissions vulnerability mailing-listx_refsource_BUGTRAQ
- 32 third-party-advisoryx_refsource_SREASON
- DSA-903 vendor-advisoryx_refsource_DEBIAN
- RHSA-2007:0203 vendor-advisoryx_refsource_REDHAT
- 17045 third-party-advisoryx_refsource_SECUNIA
- 17006 third-party-advisoryx_refsource_SECUNIA
- 16309 third-party-advisoryx_refsource_SECUNIA
- oval:org.mitre.oval:def:9975 vdb-entrysignaturex_refsource_OVAL
- MDKSA-2005:197 vendor-advisoryx_refsource_MANDRIVA