Vulnerability Name: | CVE-2006-4338 (CCN-29046) |
Assigned: | 2006-09-19 |
Published: | 2006-09-19 |
Updated: | 2018-10-17 |
Summary: | unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive. |
CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): Low |
|
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): Partial | 2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P) 1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
| Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): Partial |
|
Vulnerability Type: | CWE-Other
|
Vulnerability Consequences: | Denial of Service |
References: | Source: SGI Type: UNKNOWN 20061001-01-P
Source: CCN Type: BugTraq Mailing List, Mon Oct 30 2006 - 14:34:37 CST [security bulletin] HPSBTU02168 SSRT061237 rev.1 - HP Tru64 UNIX Running gzip, gunzip, and gzcat, Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS)
Source: CCN Type: Full-Disclosure Mailing List, Tue Sep 19 2006 - 12:15:57 CDT rPSA-2006-0170-1 gzip
Source: CCN Type: Bugzilla Bug 204676 CVE-2006-4334 gzip multiple issues (CVE-2006-4335, CVE-2006-4336, CVE-2006-4337, CVE-2006-4338)
Source: MISC Type: UNKNOWN http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676
Source: MITRE Type: CNA CVE-2006-4338
Source: CCN Type: Apple Security Update 2006-007 About the security content of Security Update 2006-007
Source: CONFIRM Type: UNKNOWN http://docs.info.apple.com/article.html?artnum=304829
Source: APPLE Type: UNKNOWN APPLE-SA-2006-11-28
Source: CCN Type: RHSA-2006-0667 gzip security update
Source: CCN Type: SA21996 gzip Multiple Vulnerabilities
Source: SECUNIA Type: UNKNOWN 21996
Source: SECUNIA Type: Patch, Vendor Advisory 22002
Source: SECUNIA Type: Patch, Vendor Advisory 22009
Source: SECUNIA Type: Patch, Vendor Advisory 22012
Source: SECUNIA Type: Patch, Vendor Advisory 22017
Source: SECUNIA Type: UNKNOWN 22027
Source: SECUNIA Type: Patch, Vendor Advisory 22033
Source: SECUNIA Type: Patch, Vendor Advisory 22034
Source: SECUNIA Type: Patch, Vendor Advisory 22043
Source: SECUNIA Type: UNKNOWN 22085
Source: SECUNIA Type: UNKNOWN 22101
Source: CCN Type: SA22435 Avaya Products gzip Multiple Vulnerabilities
Source: SECUNIA Type: UNKNOWN 22435
Source: SECUNIA Type: UNKNOWN 22487
Source: CCN Type: SA22661 HP Tru64 UNIX gzip Multiple Vulnerabilities
Source: SECUNIA Type: UNKNOWN 22661
Source: CCN Type: SA23153 LHa Multiple Vulnerabilities
Source: SECUNIA Type: UNKNOWN 23153
Source: CCN Type: SA23155 Mac OS X Security Update Fixes Multiple Vulnerabilities
Source: SECUNIA Type: UNKNOWN 23155
Source: SECUNIA Type: UNKNOWN 23156
Source: SECUNIA Type: UNKNOWN 23679
Source: SECUNIA Type: UNKNOWN 24435
Source: CCN Type: SA24636 VMware ESX Server Multiple Security Updates
Source: SECUNIA Type: UNKNOWN 24636
Source: CCN Type: FreeBSD-SA-06:21.gzip Multiple vulnerabilities in gzip
Source: FREEBSD Type: UNKNOWN FreeBSD-SA-06:21
Source: GENTOO Type: UNKNOWN GLSA-200609-13
Source: CCN Type: SECTRACK ID: 1016883 Gzip Bugs in Expanding Archives Let Remote Users Cause Denial of Service Conditions or Arbitrary Code Execution
Source: SECTRACK Type: UNKNOWN 1016883
Source: SLACKWARE Type: Patch SSA:2006-262
Source: SUNALERT Type: UNKNOWN 102766
Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm
Source: CCN Type: ASA-2006-218 gzip security update (RHSA-2006-0667)
Source: CCN Type: ASA-2007-034 Multiple Security Vulnerabilities in the gzip(1) Command May Lead to Denial of Service (DoS) or Execution of Arbitrary Code (SUN 102766)
Source: DEBIAN Type: DSA-1181 gzip -- several vulnerabilities
Source: CCN Type: GLSA-200609-13 gzip: Multiple vulnerabilities
Source: CCN Type: GLSA-200611-24 LHa: Multiple vulnerabilities
Source: GENTOO Type: UNKNOWN GLSA-200611-24
Source: MANDRIVA Type: UNKNOWN MDKSA-2006:167
Source: SUSE Type: UNKNOWN SUSE-SA:2006:056
Source: CCN Type: OpenPKG-SA-2006.020 gzip
Source: OPENPKG Type: UNKNOWN OpenPKG-SA-2006.020
Source: OSVDB Type: UNKNOWN 29008
Source: CCN Type: OSVDB ID: 29008 gzip unlzh.c huft_build() Function Infinite Loop DoS
Source: REDHAT Type: UNKNOWN RHSA-2006:0667
Source: BUGTRAQ Type: UNKNOWN 20060919 rPSA-2006-0170-1 gzip
Source: HP Type: UNKNOWN HPSBTU02168
Source: FEDORA Type: UNKNOWN FLSA:211760
Source: HP Type: UNKNOWN HPSBUX02195
Source: BUGTRAQ Type: UNKNOWN 20070330 VMSA-2007-0002 VMware ESX security updates
Source: BID Type: UNKNOWN 20101
Source: CCN Type: BID-20101 GNU GZip Archive Handling Multiple Remote Vulnerabilities
Source: TRUSTIX Type: UNKNOWN 2006-0052
Source: CCN Type: TLSA-2006-31 Multiple vulnerabilities in gzip
Source: CCN Type: USN-349-1 gzip vulnerabilities
Source: UBUNTU Type: UNKNOWN USN-349-1
Source: CERT Type: US Government Resource TA06-333A
Source: DEBIAN Type: UNKNOWN DSA-1181
Source: CONFIRM Type: UNKNOWN http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html
Source: VUPEN Type: UNKNOWN ADV-2006-3695
Source: VUPEN Type: UNKNOWN ADV-2006-4275
Source: VUPEN Type: UNKNOWN ADV-2006-4750
Source: VUPEN Type: UNKNOWN ADV-2006-4760
Source: VUPEN Type: UNKNOWN ADV-2007-0092
Source: VUPEN Type: UNKNOWN ADV-2007-0832
Source: VUPEN Type: UNKNOWN ADV-2007-1171
Source: XF Type: UNKNOWN gzip-lhz-dos(29046)
Source: XF Type: UNKNOWN gzip-lhz-dos(29046)
Source: CONFIRM Type: UNKNOWN https://issues.rpath.com/browse/RPL-615
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11290
Source: SUSE Type: SUSE-SA:2006:056 gzip security problems
|
Vulnerable Configuration: | Configuration 1: cpe:/a:gzip:gzip:1.3.5:*:*:*:*:*:*:* Configuration RedHat 1: cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:* Configuration RedHat 2: cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* Configuration RedHat 3: cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* Configuration RedHat 4: cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* Configuration RedHat 5: cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* Configuration CCN 1: cpe:/a:gnu:gzip:1.3.5:*:*:*:*:*:*:*AND cpe:/o:freebsd:freebsd:*:*:*:*:*:*:*:*OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*OR cpe:/a:openpkg:openpkg:2.5:*:*:*:*:*:*:*OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*OR cpe:/o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*OR cpe:/o:turbolinux:turbolinux:*:*:personal:*:*:*:*:*OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*OR cpe:/o:turbolinux:turbolinux:*:*:multimedia:*:*:*:*:*OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*
Denotes that component is vulnerable |
Oval Definitions |
|
BACK |
gzip gzip 1.3.5
gnu gzip 1.3.5
freebsd freebsd *
openpkg openpkg current
gentoo linux *
suse linux enterprise server 8
redhat enterprise linux 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
suse suse linux 9.2
mandrakesoft mandrake linux corporate server 3.0
redhat enterprise linux 4
redhat enterprise linux 4
redhat enterprise linux 4
redhat enterprise linux 4
apple mac os x 10.3.9
apple mac os x server 10.3.9
debian debian linux 3.1
mandrakesoft mandrake multi network firewall 2.0
suse suse linux 10.0
redhat linux advanced workstation 2.1
mandrakesoft mandrake linux 2006
openpkg openpkg 2.5
canonical ubuntu 6.06
suse suse linux 10.1
mandrakesoft mandrake linux 2006
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 3.0
apple mac os x server 10.4.8
apple mac os x 10.4.8
turbolinux turbolinux fuji
turbolinux turbolinux personal *
turbolinux turbolinux home *
turbolinux turbolinux multimedia *
suse suse linux 9.3