Your submission was sent successfully! Close

CVE-2005-0758

Published: 13 May 2005

zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.

Priority

Unknown

Status

Package Release Status
bzip2
Launchpad, Ubuntu, Debian
dapper
Released (1.0.3-0ubuntu2)
edgy
Released (1.0.3-0ubuntu2)
feisty
Released (1.0.3-0ubuntu2)
upstream Needs triage

gzip
Launchpad, Ubuntu, Debian
dapper
Released (1.3.5-12ubuntu0.1)
edgy
Released (1.3.5-14ubuntu1)
feisty
Released (1.3.5-14ubuntu1)
upstream Needs triage