Description
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled.
References (1)
Core 1
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105457180009860&w=2
Scores
CVSS v3
7.1
EPSS
0.0032
EPSS Percentile
23.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Details
CWE
CWE-59
Status
published
Products (1)
schroepl/mod_gzip
< 1.3.26.1a
Published
Nov 17, 2003
Tracked Since
Feb 18, 2026