CVE-2002-0761
First published: Mon Aug 12 2002(Updated: )
bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Bzip Bzip2 | =1.0 | |
| Bzip Bzip2 | =0.9.5d | |
| Bzip Bzip2 | =0.9.0a | |
| Bzip Bzip2 | =0.9.0 | |
| Bzip Bzip2 | =0.9.5a | |
| Bzip Bzip2 | =0.9.5b | |
| Bzip Bzip2 | =0.9.0c | |
| Bzip Bzip2 | =1.0.1 | |
| Bzip Bzip2 | =0.9.5c | |
| Bzip Bzip2 | =0.9.0b |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/bzip
- canonical/bzip bzip2
- version/bzip bzip2/1.0
- version/bzip bzip2/0.9.5d
- version/bzip bzip2/0.9.0a
- version/bzip bzip2/0.9.0
- version/bzip bzip2/0.9.5a
- version/bzip bzip2/0.9.5b
- version/bzip bzip2/0.9.0c
- version/bzip bzip2/1.0.1
- version/bzip bzip2/0.9.5c
- version/bzip bzip2/0.9.0b