CVE-2005-0988: Race Condition

Published Apr 6, 2005
·
Updated

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.

Affected Software

104 affected components
GNU gzip=1.3.3
GNU gzip=1.2.4
GNU gzip=1.2.4a
FreeBSD FreeBSD=4.3-releng
redhat Enterprise Linux=2.1
FreeBSD FreeBSD=4.1.1-stable
FreeBSD FreeBSD=4.6-releng
FreeBSD FreeBSD=5.4-releng
FreeBSD FreeBSD=5.3-release
redhat Enterprise Linux=4.0
FreeBSD FreeBSD=4.1.1-release
Trustix Secure Linux=2.0
redhat Enterprise Linux Desktop=3.0
FreeBSD FreeBSD=5.1-releng
Ubuntu Ubuntu Linux=4.1
redhat Linux Advanced Workstation=2.1
redhat Enterprise Linux=4.0
FreeBSD FreeBSD=4.4-stable
FreeBSD FreeBSD=5.3
FreeBSD FreeBSD=4.6-stable
redhat Enterprise Linux=3.0
FreeBSD FreeBSD=4.8-release_p6
redhat Enterprise Linux=2.1
FreeBSD FreeBSD=4.6-release
FreeBSD FreeBSD=5.1-release_p5
FreeBSD FreeBSD=4.3-stable
Turbolinux Turbolinux Appliance Server=1.0_workgroup
FreeBSD FreeBSD=4.7-stable
FreeBSD FreeBSD=5.2.1-releng
FreeBSD FreeBSD=5.0-release_p14
FreeBSD FreeBSD=5.1-release
redhat Enterprise Linux=2.1
FreeBSD FreeBSD=4.3-release_p38
Turbolinux Turbolinux Server=7.0
FreeBSD FreeBSD=4.5-stable
FreeBSD FreeBSD=4.6-release_p20
FreeBSD FreeBSD=4.5-release
FreeBSD FreeBSD=5.0-releng
Ubuntu Ubuntu Linux=5.04
FreeBSD FreeBSD=5.1-alpha
FreeBSD FreeBSD=4.3-release
FreeBSD FreeBSD=4.10-releng
FreeBSD FreeBSD=4.7-releng
FreeBSD FreeBSD=4.2-stable
FreeBSD FreeBSD=4.5
FreeBSD FreeBSD=4.4-release_p42
FreeBSD FreeBSD=4.7
Ubuntu Ubuntu Linux=5.04
FreeBSD FreeBSD=4.11-releng
FreeBSD FreeBSD=4.1
FreeBSD FreeBSD=4.10-release
Turbolinux Turbolinux Workstation=7.0
FreeBSD FreeBSD=4.4-releng
FreeBSD FreeBSD=4.4
FreeBSD FreeBSD=4.9-releng
FreeBSD FreeBSD=5.1
FreeBSD FreeBSD=4.7-release_p17
FreeBSD FreeBSD=4.9-pre-release
redhat Linux Advanced Workstation=2.1
FreeBSD FreeBSD=4.8-pre-release
FreeBSD FreeBSD=5.2
FreeBSD FreeBSD=4.5-release_p32
FreeBSD FreeBSD=4.11-release_p3
FreeBSD FreeBSD=4.10-release_p8
Turbolinux Turbolinux Home
redhat Enterprise Linux=4.0
Turbolinux Turbolinux Workstation=8.0
FreeBSD FreeBSD=4.8
FreeBSD FreeBSD=4.2
redhat Enterprise Linux=3.0
FreeBSD FreeBSD=5.4-pre-release
redhat Enterprise Linux=2.1
FreeBSD FreeBSD=4.0-releng
FreeBSD FreeBSD=4.0
FreeBSD FreeBSD=4.1.1
FreeBSD FreeBSD=4.6
FreeBSD FreeBSD=4.3
FreeBSD FreeBSD=4.10
FreeBSD FreeBSD=5.4-release
Turbolinux Turbolinux Appliance Server=1.0_hosting
FreeBSD FreeBSD=5.0-alpha
redhat Enterprise Linux=2.1
FreeBSD FreeBSD=4.5-releng
Trustix Secure Linux=2.1
redhat Enterprise Linux Desktop=4.0
Ubuntu Ubuntu Linux=5.04
Trustix Secure Linux=2.2
FreeBSD FreeBSD=5.2.1-release
Turbolinux Turbolinux Server=8.0
FreeBSD FreeBSD=4.8-releng
Ubuntu Ubuntu Linux=4.1
FreeBSD FreeBSD=5.0
FreeBSD FreeBSD=5.3-stable
FreeBSD FreeBSD=4.0-alpha
Turbolinux Turbolinux Server=10.0
FreeBSD FreeBSD=4.7-release
Gentoo Linux
Turbolinux Turbolinux Desktop=10.0
FreeBSD FreeBSD=4.9
FreeBSD FreeBSD=4.6.2
redhat Enterprise Linux=2.1
FreeBSD FreeBSD=5.3-releng
FreeBSD FreeBSD=4.11-stable
redhat Enterprise Linux=3.0

Remediation

Patch Available

http://www.securityfocus.com/bid/12996

Event History

Apr 6, 2005
CVE Published
via MITRE·08:00 AM
Data Sourced
via MITRE·08:00 AM
Description
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2005-0988?

CVE-2005-0988 is considered a moderate severity vulnerability due to its potential for local privilege escalation.

2

How do I fix CVE-2005-0988?

To fix CVE-2005-0988, update the GNU gzip version to 1.3.4 or later, or apply available vendor patches.

3

Which versions of gzip are affected by CVE-2005-0988?

CVE-2005-0988 affects gzip versions 1.2.4, 1.2.4a, and 1.3.3 and earlier.

4

What impact does CVE-2005-0988 have on system security?

The impact of CVE-2005-0988 allows local users to alter permissions of arbitrary files, potentially compromising system integrity.

5

Is there a workaround for CVE-2005-0988?

A temporary workaround for CVE-2005-0988 is to avoid using gzip for decompressing files in sensitive locations.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203