CVE-2004-0970

Publication date 9 February 2005

Last updated 17 July 2025

Ubuntu priority

Description

The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
cscope	7.04 feisty	Fixed 15.5+cvs20050816-1
	6.10 edgy	Fixed 15.5+cvs20050816-1
	6.06 LTS dapper	Fixed 15.5+cvs20050816-1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2004-0970

CVE-2004-0970

Description

Status

References

Other references

Access our resources on patching vulnerabilities