Red Hat Bugzilla – Bug 97341
CAN-2003-0367 tmpfile symlink race in znew
Last modified: 2007-04-18 12:54:48 EDT
Paul Szabo discovered that znew, a script included in the gzip
package, creates its temporary files without taking precautions to
avoid a symlink attack (CAN-2003-0367). gzexe had a similar
vulnerability a while ago, CVE-1999-1332.
Not yet investigated if this affects RHL or which versions.
The znew in gzip-1.3.3 does not use /tmp files.
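The class of bug reported above, shown as an added example that is not taken from this bug report or from gzip's znew: a shell script writing to a predictable scratch name follows a symlink planted there first, while `set -C` (noclobber) or `mktemp` refuses it. The function names and the sandbox layout ("shared" standing in for /tmp, "victim" for a file the user can write) are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration (not code from gzip/znew). All paths live in a private
# sandbox created by make_sandbox; every name here is hypothetical.

# Risky pattern: predictable name in a shared directory, opened with plain '>'.
# If a symlink already sits at that name, the write lands on its target.
write_predictable() {            # $1 = shared dir, $2 = data
    echo "$2" > "$1/scratch.$$"
}

# Hardening 1: noclobber ('set -C') makes '>' refuse a name that already
# resolves to a regular file, and create new names with O_EXCL.
write_noclobber() {              # returns non-zero if the name is taken
    ( set -C; echo "$2" > "$1/scratch.$$" ) 2>/dev/null
}

# Hardening 2: mktemp picks an unpredictable name and creates it exclusively
# with mode 0600; prints the path it created.
write_mktemp() {
    tmp=$(mktemp "$1/scratch.XXXXXX") || return 1
    echo "$2" > "$tmp" && printf '%s\n' "$tmp"
}

# Constructed scenario: a symlink is pre-planted at the predictable name and
# points at a file holding the word "original".
make_sandbox() {
    box=$(mktemp -d) || return 1
    mkdir "$box/shared"
    echo original > "$box/victim"
    ln -s "$box/victim" "$box/shared/scratch.$$"
    printf '%s\n' "$box"
}

# Run with the argument "demo" to see the difference on the constructed sandbox.
if [ "${1:-}" = "demo" ]; then
    box=$(make_sandbox)
    write_noclobber "$box/shared" data || echo "noclobber: refused planted name"
    echo "victim after noclobber: $(cat "$box/victim")"
    write_predictable "$box/shared" data
    echo "victim after plain '>': $(cat "$box/victim")"
    rm -rf "$box"
fi
```

Noclobber only refuses names that resolve to a regular file or do not exist yet, so `mktemp` (or a private `mktemp -d` directory) is the more robust of the two fixes.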