Vulnerability Details CVE-2005-0602
Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.9%
CVSS Severity
CVSS v2 Score 6.2
References
- http://marc.info/?l=bugtraq&m=110960796331943&w=2
- http://secunia.com/advisories/17045
- http://secunia.com/advisories/17342
- http://secunia.com/advisories/27684
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103150-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200844-1
- http://www.info-zip.org/FAQ.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:197
- http://www.securityfocus.com/bid/14447
- http://www.trustix.org/errata/2005/0053/
- http://www.vupen.com/english/advisories/2007/3866
- http://marc.info/?l=bugtraq&m=110960796331943&w=2
- http://secunia.com/advisories/17045
- http://secunia.com/advisories/17342
- http://secunia.com/advisories/27684
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103150-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200844-1
- http://www.info-zip.org/FAQ.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:197
- http://www.securityfocus.com/bid/14447
- http://www.trustix.org/errata/2005/0053/
- http://www.vupen.com/english/advisories/2007/3866