Vulnerability Details : CVE-2011-4089
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2011-4089
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 11 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-4089
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
CWE ids for CVE-2011-4089
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-4089
-
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862
#632862 - insecure temporary file creation (bzexe) - Debian Bug report logsPatch
-
http://www.openwall.com/lists/oss-security/2011/10/28/16
oss-security - Re: Request for CVE Identifier: bzexe insecure temporary file
-
http://www.exploit-db.com/exploits/18147
bzexe (bzip2) - Race Condition - Linux local ExploitExploit
-
http://www.ubuntu.com/usn/USN-1308-1
USN-1308-1: bzip2 vulnerability | Ubuntu security noticesPatch
-
http://seclists.org/fulldisclosure/2011/Oct/804
Full Disclosure: Re: Symlink vulnerabilities
Products affected by CVE-2011-4089
- cpe:2.3:a:bzip:bzip2:*:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:1.0.3:*:*:*:*:*:*:*