English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.57726
Kategorie:FreeBSD Local Security Checks
Titel:FreeBSD Ports: gzip
Zusammenfassung:The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: gzip

CVE-2006-4334
Unspecified vulnerability in gzip 1.3.5 allows context-dependent
attackers to cause a denial of service (crash) via a crafted GZIP (gz)
archive, which results in a NULL dereference.

CVE-2006-4335
Array index error in the make_table function in unlzh.c in the LZH
decompression component in gzip 1.3.5, when running on certain
platforms, allows context-dependent attackers to cause a denial of
service (crash) and possibly execute arbitrary code via a crafted GZIP
archive that triggers an out-of-bounds write, aka a 'stack
modification vulnerability.'

CVE-2006-4336
Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows
context-dependent attackers to execute arbitrary code via a crafted leaf
count table that causes a write to a negative index.

CVE-2006-4337
Buffer overflow in the make_table function in the LHZ component in
gzip 1.3.5 allows context-dependent attackers to execute arbitrary
code via a crafted decoding table in a GZIP archive.

CVE-2006-4338
unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent
attackers to cause a denial of service (infinite loop) via a crafted
GZIP archive.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2006-4334
1016883
http://securitytracker.com/id?1016883
102766
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102766-1
2006-0052
http://www.trustix.org/errata/2006/0052/
20060919 rPSA-2006-0170-1 gzip
http://www.securityfocus.com/archive/1/446426/100/0/threaded
20061001-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
20070330 VMSA-2007-0002 VMware ESX security updates
http://www.securityfocus.com/archive/1/464268/100/0/threaded
20101
http://www.securityfocus.com/bid/20101
21996
http://secunia.com/advisories/21996
22002
http://secunia.com/advisories/22002
22009
http://secunia.com/advisories/22009
22012
http://secunia.com/advisories/22012
22017
http://secunia.com/advisories/22017
22027
http://secunia.com/advisories/22027
22033
http://secunia.com/advisories/22033
22034
http://secunia.com/advisories/22034
22043
http://secunia.com/advisories/22043
22085
http://secunia.com/advisories/22085
22101
http://secunia.com/advisories/22101
22435
http://secunia.com/advisories/22435
22487
http://secunia.com/advisories/22487
22661
http://secunia.com/advisories/22661
23155
http://secunia.com/advisories/23155
23679
http://secunia.com/advisories/23679
24435
http://secunia.com/advisories/24435
24636
http://secunia.com/advisories/24636
ADV-2006-4275
http://www.vupen.com/english/advisories/2006/4275
ADV-2006-4750
http://www.vupen.com/english/advisories/2006/4750
ADV-2007-0092
http://www.vupen.com/english/advisories/2007/0092
ADV-2007-0832
http://www.vupen.com/english/advisories/2007/0832
ADV-2007-1171
http://www.vupen.com/english/advisories/2007/1171
APPLE-SA-2006-11-28
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
DSA-1181
http://www.us.debian.org/security/2006/dsa-1181
FLSA:211760
http://www.securityfocus.com/archive/1/451324/100/0/threaded
FreeBSD-SA-06:21
http://security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.asc
GLSA-200609-13
http://security.gentoo.org/glsa/glsa-200609-13.xml
HPSBTU02168
http://www.securityfocus.com/archive/1/450078/100/0/threaded
HPSBUX02195
http://www.securityfocus.com/archive/1/462007/100/0/threaded
MDKSA-2006:167
http://www.mandriva.com/security/advisories?name=MDKSA-2006:167
OpenPKG-SA-2006.020
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.html
RHSA-2006:0667
http://www.redhat.com/support/errata/RHSA-2006-0667.html
SSA:2006-262
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852
SSRT061237
SUSE-SA:2006:056
http://www.novell.com/linux/security/advisories/2006_56_gzip.html
TA06-333A
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
USN-349-1
http://www.ubuntu.com/usn/usn-349-1
VU#933712
http://www.kb.cert.org/vuls/id/933712
gzip-huftbuild-code-execution(29038)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29038
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676
http://docs.info.apple.com/article.html?artnum=304829
http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm
http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html
https://issues.rpath.com/browse/RPL-615
oval:org.mitre.oval:def:10527
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10527
Common Vulnerability Exposure (CVE) ID: CVE-2006-4335
23153
http://secunia.com/advisories/23153
23156
http://secunia.com/advisories/23156
ADV-2006-3695
http://www.vupen.com/english/advisories/2006/3695
ADV-2006-4760
http://www.vupen.com/english/advisories/2006/4760
GLSA-200611-24
http://www.gentoo.org/security/en/glsa/glsa-200611-24.xml
VU#381508
http://www.kb.cert.org/vuls/id/381508
gzip-lzh-array-code-execution(29040)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29040
oval:org.mitre.oval:def:10391
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10391
Common Vulnerability Exposure (CVE) ID: CVE-2006-4336
VU#554780
http://www.kb.cert.org/vuls/id/554780
gzip-unpack-buffer-underflow(29042)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29042
oval:org.mitre.oval:def:10140
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10140
Common Vulnerability Exposure (CVE) ID: CVE-2006-4337
oval:org.mitre.oval:def:11212
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11212
Common Vulnerability Exposure (CVE) ID: CVE-2006-4338
29008
http://www.osvdb.org/29008
gzip-lhz-dos(29046)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29046
oval:org.mitre.oval:def:11290
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11290
CopyrightCopyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.