Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
bzip2解压文件权限不安全漏洞
Vulnerability Description
bzip2是英国软件开发者Julian Seward所研发的一套用于类Unix操作系统中的开源文件压缩和解压工具。 bzip2存在竞争条件漏洞,可导致解压的文件权限为全局可读。 bzip2在建立文件和设置正确权限之间存在竞争条件漏洞,可导致bzip2解压不安全的全局可读的文件。攻击者可能利用这个漏洞获得其他本地用户文件的内容。
CVSS Information
N/A
Vulnerability Type
N/A