Gentoo : Security Vulnerabilities, CVEs, CVSS score between 3 and 3.99
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
Max CVSS
3.7
EPSS Score
0.13%
Published
2005-05-02
Updated
2017-10-11
Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.
Max CVSS
3.6
EPSS Score
0.04%
Published
2008-04-18
Updated
2017-08-08
2 vulnerabilities found