Bug 346454 (CVE-2007-6209) - VUL-0: CVE-2007-6209: zsh: overwrite arbitrary files
Summary: VUL-0: CVE-2007-6209: zsh: overwrite arbitrary files
Status: RESOLVED INVALID
Alias: CVE-2007-6209
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
: P5 - None : Normal
Target Milestone: ---
Assignee: Hendrik Vogelsang
QA Contact: Security Team bot
URL:
Whiteboard: CVE-2007-6209: CVSS v2 Base Score: 4....
Keywords:
Depends on:
Blocks:
 
Reported: 2007-12-06 10:34 UTC by Thomas Biege
Modified: 2018-02-26 15:46 UTC

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Thomas Biege 2007-12-06 10:34:06 UTC
Hi.
There is a security bug in 'zsh'.

This bug is public.

There is no coordinated release date (CRD) set.

CVE number: CVE-2007-6209
CVE description: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209


Original posting:



======================================================
Name: CVE-2007-6209
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209

Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary
files via a symlink attack on temporary files.
Comment 1 Hendrik Vogelsang 2007-12-06 10:47:00 UTC
We don't ship it.

$ for i in 10.1 10.2 10.3; do zgrep -c difflog /mounts/dist/full/full-$i-i386/ARCHIVES.gz; done
0
0
0

$ for i in sles8 sles9 sles10; do zgrep -c difflog /mounts/dist/full/full-$i-i386/ARCHIVES.gz; done
0
0
0
Comment 2 Thomas Biege 2009-10-14 00:22:03 UTC
CVE-2007-6209: CVSS v2 Base Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)