2.1
CVE-2002-0761
- EPSS 0.39%
- Veröffentlicht 12.08.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:58:05
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.303 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-039.0.txt
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.asc
http://www.iss.net/security_center/static/9128.php
http://www.securityfocus.com/bid/4776