oval:org.mitre.oval:def:358

Definition Id: oval:org.mitre.oval:def:358

Oval ID:	oval:org.mitre.oval:def:358
Title:	cpio Race Condition
Description:	Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1111	Version:	1
Platform(s):	Red Hat Enterprise Linux 3	Product(s):	cpio
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND cpio rpm is older than 0:2.5-4.RHEL3 AND Configuration section /bin/cpio is executable by all