Test Kennung:	1.3.6.1.4.1.25623.1.0.800452
Kategorie:	Denial of Service
Titel:	GZip 'huft_build()' in 'inflate.c' Input Validation Vulnerability - Windows
Zusammenfassung:	GZip is prone to Input Validation Vulnerability
Beschreibung:	Summary: GZip is prone to Input Validation Vulnerability Vulnerability Insight: The flaw is due to error in 'huft_build()' function in 'inflate.c', creates a hufts table that is too small. Vulnerability Impact: Successful exploitation could result in Denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. Affected Software/OS: GZip version prior to 1.3.13 on Windows. Solution: Update to GZip version 1.3.13 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2624 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html Debian Security Information: DSA-1974 (Google Search) http://www.debian.org/security/2010/dsa-1974 http://www.mandriva.com/security/advisories?name=MDVSA-2010:020 http://article.gmane.org/gmane.comp.gnu.gzip.bugs/258 http://secunia.com/advisories/38132 http://secunia.com/advisories/38223 http://secunia.com/advisories/38232 SuSE Security Announcement: SUSE-SA:2010:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://www.ubuntu.com/usn/USN-889-1 http://www.vupen.com/english/advisories/2010/0185
Copyright	Copyright (C) 2010 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.