CVE-2005-0758
CVE-2005-0758
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txtftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.aschttp://bugs.gentoo.org/show_bug.cgi?id=90626http://docs.info.apple.com/article.html?artnum=306172http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlhttp://rhn.redhat.com/errata/RHSA-2005-357.htmlhttp://secunia.com/advisories/18100http://secunia.com/advisories/19183http://secunia.com/advisories/22033http://secunia.com/advisories/26235http://securitytracker.com/id?1013928https://exchange.xforce.ibmcloud.com/vulnerabilities/20539