Vulnerabilities > CVE-2005-2991 - Local Security vulnerability in ncompress
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Statements
contributor | Mark J Cox |
lastmodified | 2006-08-30 |
organization | Red Hat |
statement | Not vulnerable. This issue did not affect the ncompress packages as distributed with Red Hat Enterprise Linux 2.1, 3, or 4. |