CVE-2004-0970

Publication date 9 February 2005

Last updated 24 July 2024

Ubuntu priority

The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
cscope	7.04 feisty	Fixed 15.5+cvs20050816-1
	6.10 edgy	Fixed 15.5+cvs20050816-1
	6.06 LTS dapper	Fixed 15.5+cvs20050816-1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2004-0970