FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-4335

This CVE name corresponds to:

Entered Topic
2006-12-19 gzip -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2006-4335
Phase Assigned (20060824)

Description

Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a "stack modification vulnerability."

References

Source Reference
BUGTRAQ 20060919 rPSA-2006-0170-1 gzip
BUGTRAQ 20070330 VMSA-2007-0002 VMware ESX security updates
MISC http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm
CONFIRM http://docs.info.apple.com/article.html?artnum=304829
CONFIRM https://issues.rpath.com/browse/RPL-615
CONFIRM http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html
APPLE APPLE-SA-2006-11-28
DEBIAN DSA-1181
FEDORA FLSA:211760
FREEBSD FreeBSD-SA-06:21
GENTOO GLSA-200609-13
GENTOO GLSA-200611-24
HP HPSBTU02168
HP SSRT061237
HP HPSBUX02195
MANDRIVA MDKSA-2006:167
OPENPKG OpenPKG-SA-2006.020
REDHAT RHSA-2006:0667
SGI 20061001-01-P
SLACKWARE SSA:2006-262
SUNALERT 102766
SUSE SUSE-SA:2006:056
TRUSTIX 2006-0052
UBUNTU USN-349-1
CERT TA06-333A
CERT-VN VN#381508
BID 20101
OVAL oval:org.mitre.oval:def:10391
VUPEN ADV-2006-3695
VUPEN ADV-2006-4275
VUPEN ADV-2006-4750
VUPEN ADV-2006-4760
VUPEN ADV-2007-0092
VUPEN ADV-2007-0832
VUPEN ADV-2007-1171
SECTRACK 1016883
SECUNIA 22002
SECUNIA 22009
SECUNIA 22017
SECUNIA 22033
SECUNIA 22034
SECUNIA 22012
SECUNIA 22043
SECUNIA 22085
SECUNIA 22101
SECUNIA 22027
SECUNIA 22435
SECUNIA 22661
SECUNIA 22487
SECUNIA 23153
SECUNIA 23155
SECUNIA 23156
SECUNIA 21996
SECUNIA 23679
SECUNIA 24435
SECUNIA 24636
XF gzip-lzh-array-code-execution(29040)