Saturday, 19 May 2012
Home arrow Advertises arrow Vulnerabilities arrow Multiple security vulnerabilities in compression tool gzip
Security software
Anti spam tools
Anti spyware tools
Antivirus
Backup
Encryption
Firewall
Free software
Passwords managers
Popup ad blockers
Other
Other
Submit software
Security news
Security information
Contact us


RSS
Security software
Security software


Sell software online
Affiliate Programs
Hand guns


Multiple security vulnerabilities in compression tool gzip
Thursday, 28 September 2006
Numerous Linux distributors and the developers of FreeBSD have released new packets of the open source (un)zip program gzip (GNUzip). The update fixes four vulnerabilities. Three of these are based on buffer overflows in the functions make_table in unlzh.c, build_tree in unpack.c and make_table in the LHA support. When unzipping prepared archives, malicious code can be infiltrated onto the computer and be executed in the user's context. The fourth vulnerability is in the function huft_build during LZH processing, however, it merely cases the application to crash.

No official patch is available at present. Users should install the packages for their distribution as quickly as possible.

See also:

* CVE-2006-4334 gzip multiple issues, entry in Bugzilla database by Red Hat

 
< Prev   Next >
[ Back ]
Security articles
  • Rootkits the new weapon for cyber criminals (q)
  • Sniffing (q)
  • Definition: PGP (q)
  • Cryptanalysis (q)
  • Backup Hints (q)
    • © 2004-2007 Daita.org