Test ID:	1.3.6.1.4.1.25623.1.0.55065
Category:	Conectiva Local Security Checks
Title:	Conectiva Security Advisory CLA-2005:972 (bzip2)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory CLA-2005:972. A race condition vulnerability in the file permission restore code of bunzip2 was discovered by Imran Ghory. While a user was decompressing a file, a local attacker with write permissions to the directory containing the uncompressed file could replace the target file with a hard link which would cause bunzip2 to restore the file permissions of the original file to the hard link target. This could be exploited to gain read or write access to files of other users. A vulnerability was found where specially crafted bzip2 archives would cause an infinite loop in the decompressor, resulting in an indefinitively large output file (also known as a 'decompression bomb'). This could be exploited to cause a Denial of Service attack on the host computer due to disk space exhaustion. Solution: Perform the necessary upgrades. http://www.bzip.org http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000972 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0953 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html BugTraq ID: 12954 http://www.securityfocus.com/bid/12954 BugTraq ID: 26444 http://www.securityfocus.com/bid/26444 Bugtraq: 20050330 bzip2 TOCTOU file-permissions vulnerability (Google Search) http://marc.info/?l=bugtraq&m=111229375217633&w=2 Bugtraq: 20070109 rPSA-2007-0004-1 bzip2 (Google Search) http://www.securityfocus.com/archive/1/456430/30/8730/threaded Cert/CC Advisory: TA07-319A http://www.us-cert.gov/cas/techalerts/TA07-319A.html Debian Security Information: DSA-730 (Google Search) http://www.debian.org/security/2005/dsa-730 http://www.fedoralegacy.org/updates/FC2/2005-11-14-FLSA_2005_158801__Updated_bzip2_packages_fix_security_issues.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:026 NETBSD Security Advisory: NetBSD-SA2008-004 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-004.txt.asc http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.002.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10902 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1154 http://www.redhat.com/support/errata/RHSA-2005-474.html http://secunia.com/advisories/19183 http://secunia.com/advisories/27274 http://secunia.com/advisories/27643 http://secunia.com/advisories/29940 SGI Security Advisory: 20060301-01-U ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc http://sunsolve.sun.com/search/document.do?assetkey=1-26-103118-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200191-1 http://www.vupen.com/english/advisories/2007/3525 http://www.vupen.com/english/advisories/2007/3868 XForce ISS Database: bzip2-toctou-symlink(19926) https://exchange.xforce.ibmcloud.com/vulnerabilities/19926 Common Vulnerability Exposure (CVE) ID: CVE-2005-1260 103118 13657 http://www.securityfocus.com/bid/13657 15447 http://secunia.com/advisories/15447 19183 200191 20060301-01-U 26444 27274 27643 ADV-2007-3525 ADV-2007-3868 APPLE-SA-2007-11-14 DSA-741 http://www.debian.org/security/2005/dsa-741 FLSA:158801 RHSA-2005:474 TA07-319A USN-127-1 https://usn.ubuntu.com/127-1/ http://docs.info.apple.com/article.html?artnum=307041 oval:org.mitre.oval:def:10700 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10700 oval:org.mitre.oval:def:749 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A749
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.