ID de Prueba:	1.3.6.1.4.1.25623.1.0.800453
Categoría:	Denial of Service
Título:	GZip 'huft_build()' in 'inflate.c' Input Validation Vulnerability - Linux
Resumen:	GZip is prone to an input validation vulnerability.
Descripción:	Summary: GZip is prone to an input validation vulnerability. Vulnerability Insight: The flaw is due to an error in 'huft_build()' function in 'inflate.c' which creates a hufts table that is too small. Vulnerability Impact: Successful exploitation could result in a Denial of Service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. Affected Software/OS: GZip version prior to 1.3.13 on Linux. Solution: Update to GZip version 1.3.13 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2624 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html Debian Security Information: DSA-1974 (Google Search) http://www.debian.org/security/2010/dsa-1974 http://www.mandriva.com/security/advisories?name=MDVSA-2010:020 http://article.gmane.org/gmane.comp.gnu.gzip.bugs/258 http://secunia.com/advisories/38132 http://secunia.com/advisories/38223 http://secunia.com/advisories/38232 SuSE Security Announcement: SUSE-SA:2010:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://www.ubuntu.com/usn/USN-889-1 http://www.vupen.com/english/advisories/2010/0185
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.