CVE-2002-0435 in Fileutils
Summary
by MITRE
Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 09/17/2025
The vulnerability described in CVE-2002-0435 represents a critical race condition affecting GNU File Utilities version 4.1 and earlier, specifically within the recursive directory deletion and move operations. This flaw exists in the fundamental file system manipulation functions that handle directory hierarchies, creating a window where malicious local users can exploit timing discrepancies to gain unauthorized access to system resources. The vulnerability stems from the improper handling of directory traversal operations during concurrent file system modifications, where the system's ability to maintain consistent directory state becomes compromised.
The technical implementation of this race condition occurs when the fileutils utility processes recursive directory operations, particularly during the deletion or moving of directories that contain nested subdirectories. When a low-level directory is simultaneously being deleted while another process attempts to move it to a higher level in the directory structure, the system's internal state management fails to maintain proper context. This condition allows the chdir system call to navigate to parent directories that are higher than intended, potentially reaching the root file system level, thereby enabling unauthorized access to critical system directories.
The operational impact of this vulnerability extends beyond simple directory manipulation, as it fundamentally compromises the security model of the file system operations. Attackers can exploit this condition to delete or access directories that should remain protected, effectively bypassing normal file system permissions and access controls. The vulnerability is particularly dangerous in multi-user environments where local users might attempt to leverage this race condition to escalate privileges or gain access to sensitive system directories. The race condition creates a scenario where the file system's internal state becomes inconsistent, allowing for unexpected directory traversal paths that can lead to arbitrary file system modifications.
This vulnerability aligns with CWE-367, which addresses the Time-of-Check to Time-of-Use (TOCTOU) race condition, and demonstrates how improper synchronization of file system operations can lead to security breaches. From an ATT&CK framework perspective, this vulnerability maps to techniques involving privilege escalation and persistence through file system manipulation. The attack vector involves local users with minimal privileges who can exploit the timing window to perform unauthorized operations. Mitigation strategies should focus on implementing proper locking mechanisms during directory operations, ensuring atomicity of file system modifications, and applying immediate patches to affected GNU File Utilities installations. Additionally, system administrators should consider implementing file system monitoring and access control measures to detect and prevent exploitation attempts, while also ensuring that all systems running these utilities are updated to versions that address this race condition vulnerability.