Test ID:	1.3.6.1.4.1.25623.1.0.57891
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200609-13 (gzip)
Summary:	The remote host is missing updates announced in;advisory GLSA 200609-13.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200609-13. Vulnerability Insight: gzip is affected by multiple vulnerabilities, including buffer overflows and infinite loops, possibly allowing the execution of arbitrary code. Solution: All gzip users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-arch/gzip-1.3.5-r9' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4334 1016883 http://securitytracker.com/id?1016883 102766 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102766-1 2006-0052 http://www.trustix.org/errata/2006/0052/ 20060919 rPSA-2006-0170-1 gzip http://www.securityfocus.com/archive/1/446426/100/0/threaded 20061001-01-P ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc 20070330 VMSA-2007-0002 VMware ESX security updates http://www.securityfocus.com/archive/1/464268/100/0/threaded 20101 http://www.securityfocus.com/bid/20101 21996 http://secunia.com/advisories/21996 22002 http://secunia.com/advisories/22002 22009 http://secunia.com/advisories/22009 22012 http://secunia.com/advisories/22012 22017 http://secunia.com/advisories/22017 22027 http://secunia.com/advisories/22027 22033 http://secunia.com/advisories/22033 22034 http://secunia.com/advisories/22034 22043 http://secunia.com/advisories/22043 22085 http://secunia.com/advisories/22085 22101 http://secunia.com/advisories/22101 22435 http://secunia.com/advisories/22435 22487 http://secunia.com/advisories/22487 22661 http://secunia.com/advisories/22661 23155 http://secunia.com/advisories/23155 23679 http://secunia.com/advisories/23679 24435 http://secunia.com/advisories/24435 24636 http://secunia.com/advisories/24636 ADV-2006-4275 http://www.vupen.com/english/advisories/2006/4275 ADV-2006-4750 http://www.vupen.com/english/advisories/2006/4750 ADV-2007-0092 http://www.vupen.com/english/advisories/2007/0092 ADV-2007-0832 http://www.vupen.com/english/advisories/2007/0832 ADV-2007-1171 http://www.vupen.com/english/advisories/2007/1171 APPLE-SA-2006-11-28 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html DSA-1181 http://www.us.debian.org/security/2006/dsa-1181 FLSA:211760 http://www.securityfocus.com/archive/1/451324/100/0/threaded FreeBSD-SA-06:21 http://security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.asc GLSA-200609-13 http://security.gentoo.org/glsa/glsa-200609-13.xml HPSBTU02168 http://www.securityfocus.com/archive/1/450078/100/0/threaded HPSBUX02195 http://www.securityfocus.com/archive/1/462007/100/0/threaded MDKSA-2006:167 http://www.mandriva.com/security/advisories?name=MDKSA-2006:167 OpenPKG-SA-2006.020 http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.html RHSA-2006:0667 http://www.redhat.com/support/errata/RHSA-2006-0667.html SSA:2006-262 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852 SSRT061237 SUSE-SA:2006:056 http://www.novell.com/linux/security/advisories/2006_56_gzip.html TA06-333A http://www.us-cert.gov/cas/techalerts/TA06-333A.html USN-349-1 http://www.ubuntu.com/usn/usn-349-1 VU#933712 http://www.kb.cert.org/vuls/id/933712 gzip-huftbuild-code-execution(29038) https://exchange.xforce.ibmcloud.com/vulnerabilities/29038 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676 http://docs.info.apple.com/article.html?artnum=304829 http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html https://issues.rpath.com/browse/RPL-615 oval:org.mitre.oval:def:10527 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10527 Common Vulnerability Exposure (CVE) ID: CVE-2006-4335 23153 http://secunia.com/advisories/23153 23156 http://secunia.com/advisories/23156 ADV-2006-3695 http://www.vupen.com/english/advisories/2006/3695 ADV-2006-4760 http://www.vupen.com/english/advisories/2006/4760 GLSA-200611-24 http://www.gentoo.org/security/en/glsa/glsa-200611-24.xml VU#381508 http://www.kb.cert.org/vuls/id/381508 gzip-lzh-array-code-execution(29040) https://exchange.xforce.ibmcloud.com/vulnerabilities/29040 oval:org.mitre.oval:def:10391 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10391 Common Vulnerability Exposure (CVE) ID: CVE-2006-4336 VU#554780 http://www.kb.cert.org/vuls/id/554780 gzip-unpack-buffer-underflow(29042) https://exchange.xforce.ibmcloud.com/vulnerabilities/29042 oval:org.mitre.oval:def:10140 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10140 Common Vulnerability Exposure (CVE) ID: CVE-2006-4337 oval:org.mitre.oval:def:11212 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11212 Common Vulnerability Exposure (CVE) ID: CVE-2006-4338 29008 http://www.osvdb.org/29008 gzip-lhz-dos(29046) https://exchange.xforce.ibmcloud.com/vulnerabilities/29046 oval:org.mitre.oval:def:11290 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11290
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.