Search for vulnerabilities
Vulnerability details: VCID-3g2x-mymc-aaac
Vulnerability ID VCID-3g2x-mymc-aaac
Aliases CVE-2005-1228
Summary Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
Status Published
Exploitability 0.5
Weighted Severity 4.5
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Low https://access.redhat.com/errata/RHSA-2005:357
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.00802 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.02434 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.02434 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.02434 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.02434 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.04585 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
epss 0.07421 https://api.first.org/data/v1/epss?cve=CVE-2005-1228
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1617616
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2005-1228
Reference id Reference type URL
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305255
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
http://marc.info/?l=bugtraq&m=111402732406477&w=2
http://rhn.redhat.com/errata/RHSA-2005-357.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1228.json
https://api.first.org/data/v1/epss?cve=CVE-2005-1228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1228
http://secunia.com/advisories/15047
http://secunia.com/advisories/18100
http://secunia.com/advisories/21253
http://secunia.com/advisories/22033
https://exchange.xforce.ibmcloud.com/vulnerabilities/20199
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11057
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A170
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A382
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1
http://www.debian.org/security/2005/dsa-752
http://www.osvdb.org/15721
http://www.securityfocus.com/bid/19289
http://www.us-cert.gov/cas/techalerts/TA06-214A.html
http://www.vupen.com/english/advisories/2006/3101
1617616 https://bugzilla.redhat.com/show_bug.cgi?id=1617616
cpe:2.3:a:gnu:gzip:1.2.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:gzip:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gzip:1.3.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:gzip:1.3.3:*:*:*:*:*:*:*
CVE-2005-1228 https://nvd.nist.gov/vuln/detail/CVE-2005-1228
RHSA-2005:357 https://access.redhat.com/errata/RHSA-2005:357
USN-116-1 https://usn.ubuntu.com/116-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2005-1228
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.82133
EPSS Score 0.00802
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.