oval:org.mitre.oval:def:1154

Definition Id: oval:org.mitre.oval:def:1154

Oval ID:	oval:org.mitre.oval:def:1154
Title:	bzip2 Arbitrary File Permission Modification Vulnerability
Description:	Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0953	Version:	1
Platform(s):	Red Hat Enterprise Linux 3	Product(s):	bzip2
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND bzip2 RPM earlier than 0:1.0.2-11.EL3.4 AND Configuration section /usr/bin/bzip2 is executable