Title: gzip -N Option Traversal Arbitrary File Write

• Secunia Advisory ID: 15047 15308 15424 15655 15937 16030 16152 16643 17645 18100 21253
• CVE ID: 2005-1228 (see also: NVD)
• ISS X-Force ID: 20199
• Other Advisory URL: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:11.gzip.asc http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000974
  http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:092
  http://security.gentoo.org/glsa/glsa-200505-05.xml
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1
  http://www.debian.org/security/2005/dsa-752
• Vendor Specific Advisory URL: ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt http://docs.info.apple.com/article.html?artnum=304063
  http://rhn.redhat.com/errata/RHSA-2005-357.html
  http://support.avaya.com/elmodocs2/security/ASA-2005-172.pdf
  http://www.ipcop.org/modules.php?op=modload&name=News&file=article&sid=21&mode=th ......
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0305.html
• Vendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305255
• Vendor URL: http://www.gzip.org/
• Keyword: SCOSA-2005.49

• Ulf Harnhammar - Debian Security Audit Project