Test ID:	1.3.6.1.4.1.25623.1.0.66758
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2010:0061
Summary:	Redhat Security Advisory RHSA-2010:0061
Description:	The remote host is missing updates announced in advisory RHSA-2010:0061. The gzip package provides the GNU gzip data compression program. An integer underflow flaw, leading to an array index error, was found in the way gzip expanded archive files compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. If a victim expanded a specially-crafted archive, it could cause gzip to crash or, potentially, execute arbitrary code with the privileges of the user running gzip. This flaw only affects 64-bit systems. (CVE-2010-0001) Red Hat would like to thank Aki Helin of the Oulu University Secure Programming Group for responsibly reporting this flaw. Users of gzip should upgrade to this updated package, which contains a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0061.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0001 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html Debian Security Information: DSA-1974 (Google Search) http://www.debian.org/security/2010/dsa-1974 Debian Security Information: DSA-2074 (Google Search) http://www.debian.org/security/2010/dsa-2074 HPdes Security Advisory: HPSBMA02554 http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083 HPdes Security Advisory: SSRT100018 http://www.mandriva.com/security/advisories?name=MDVSA-2010:019 http://www.mandriva.com/security/advisories?name=MDVSA-2010:020 http://www.mandriva.com/security/advisories?name=MDVSA-2011:152 http://www.redhat.com/support/errata/RHSA-2010-0061.html RedHat Security Advisories: RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html SuSE Security Announcement: SUSE-SA:2010:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://www.ubuntu.com/usn/USN-889-1 http://www.osvdb.org/61869 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10546 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7511 http://securitytracker.com/id?1023490 http://secunia.com/advisories/38220 http://secunia.com/advisories/38223 http://secunia.com/advisories/38225 http://secunia.com/advisories/38232 http://secunia.com/advisories/40551 http://secunia.com/advisories/40655 http://secunia.com/advisories/40689 http://www.vupen.com/english/advisories/2010/0185 http://www.vupen.com/english/advisories/2010/1796 http://www.vupen.com/english/advisories/2010/1872
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: