Oval Definition:oval:org.mitre.oval:def:19420
Revision Date:2014-03-24Version:25
Title:HP-UX Running Software Distributor (SD), Remote Denial of Service (DoS)
Description:Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a "stack modification vulnerability."
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-4335
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02195
  • HP-UX B.11.11
  • AND filesets tests
  • SW-DIST.GZIP is installed
  • OR SW-DIST.SD-AGENT is installed
  • OR SW-DIST.SD-CMDS is installed
  • AND NOT Patch PHCO_35587 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02195
  • HP-UX B.11.23
  • AND filesets tests
  • SW-DIST.GZIP version is less than B.11.23.0612
  • OR SW-DIST.SD-AGENT version is less than B.11.23.0612
  • OR SW-DIST.SD-CMDS version is less than B.11.23.0612
    • BACK