The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation12 reference(s) from NVD