Description
Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system.
References (8)
Core 8
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-016.html
Various Sources vendor-advisory
x_refsource_mandrake
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php
Various Sources x_refsource_confirm
http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-015.html
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4266
Patch, Vendor Advisory vendor-advisory
x_refsource_caldera
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt
Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/260936
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8432.php
Scores
EPSS
0.0007
EPSS Percentile
22.2%
Details
Status
published
Products (3)
gnu/fileutils
4.0
gnu/fileutils
4.1
gnu/fileutils
4.1.6
Published
Jul 26, 2002
Tracked Since
Feb 18, 2026