|
|
|
View Notes By
|
|
|
|
Other Documents
|
|
|
|
 |
Vulnerability Note VU#381508
gzip contains an array out-of-bounds vulnerability in make_table()
OverviewThe gzip program contains a stack modification vulnerability that may allow an attacker to execute arbitrary code, or create a denial-of-service condition..
I. DescriptionThe gzip program is used to compress and decompress archived files.
A stack modification vulnerability exists in gzip. An attacker may be able to exploit this vulnerability by convincing a user to open a specially crafted gzip file.
Note that the attacker could either convince a user to open a malicious gzip file, or save the file in a place where another program would call gzip to decompress the archive.
II. ImpactA remote, unauthenticated attacker may be able to execute arbitrary code, or create a denial-of-service condition..
III. SolutionUpgrade
This issue has been addressed in gzip 1.3.6. See the systems affected section of this document for information about specific vendors.
Workarounds
Until updates can be applied, the following workarounds may mitigate the impact of this vulnerability:
- Do not decompress gzip files that are received from unknown sources.
- Do not execute gzip with system-level privileges.
- Some automated processes may rely on gzip to complete their tasks. When possible, disable such programs or do not allow them to execute gzip with root privileges.
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|
| 3com, Inc. | Unknown | 8-Sep-2006 |
| Aladdin Knowledge Systems | Unknown | 8-Sep-2006 |
| Alcatel | Unknown | 8-Sep-2006 |
| Apple Computer, Inc. | Vulnerable | 5-Dec-2006 |
| AT&T | Unknown | 8-Sep-2006 |
| Avaya, Inc. | Unknown | 8-Sep-2006 |
| Avici Systems, Inc. | Unknown | 8-Sep-2006 |
| Borderware Technologies | Unknown | 8-Sep-2006 |
| Charlotte's Web Networks | Unknown | 8-Sep-2006 |
| Check Point Software Technologies | Unknown | 8-Sep-2006 |
| Chiaro Networks, Inc. | Unknown | 8-Sep-2006 |
| Cisco Systems, Inc. | Unknown | 8-Sep-2006 |
| Clavister | Unknown | 8-Sep-2006 |
| Command Software Systems | Unknown | 8-Sep-2006 |
| Computer Associates | Not Vulnerable | 27-Jul-2007 |
| Computer Associates eTrust Security Management | Unknown | 25-Oct-2006 |
| Conectiva Inc. | Unknown | 8-Sep-2006 |
| Cray Inc. | Unknown | 8-Sep-2006 |
| CyberSoft, Inc. | Unknown | 8-Sep-2006 |
| D-Link Systems, Inc. | Unknown | 8-Sep-2006 |
| Data Connection, Ltd. | Unknown | 8-Sep-2006 |
| DataFellows | Unknown | 8-Sep-2006 |
| Debian GNU/Linux | Vulnerable | 4-Oct-2006 |
| Debian GNU/Linux | Unknown | 8-Sep-2006 |
| EMC, Inc. (formerly Data General Corporation) | Unknown | 8-Sep-2006 |
| Engarde Secure Linux | Unknown | 8-Sep-2006 |
| Ericsson | Unknown | 8-Sep-2006 |
| eSoft, Inc. | Unknown | 8-Sep-2006 |
| Extreme Networks | Unknown | 8-Sep-2006 |
| F-PROT by FRISK Software International | Unknown | 8-Sep-2006 |
| F-Secure Corporation | Unknown | 8-Sep-2006 |
| F5 Networks, Inc. | Unknown | 8-Sep-2006 |
| Fedora Project | Unknown | 8-Sep-2006 |
| Finjan Software | Unknown | 8-Sep-2006 |
| Force10 Networks, Inc. | Unknown | 8-Sep-2006 |
| Fortinet, Inc. | Unknown | 8-Sep-2006 |
| Foundry Networks, Inc. | Unknown | 8-Sep-2006 |
| FreeBSD, Inc. | Vulnerable | 29-Sep-2006 |
| Fujitsu | Unknown | 7-Mar-2007 |
| Gentoo Linux | Unknown | 8-Sep-2006 |
| GFI Software, Inc. | Unknown | 8-Sep-2006 |
| Global Technology Associates | Not Vulnerable | 18-Sep-2006 |
| Hewlett-Packard Company | Unknown | 8-Sep-2006 |
| Hitachi | Not Vulnerable | 20-Sep-2006 |
| Hyperchip | Unknown | 8-Sep-2006 |
| IBM Corporation | Unknown | 8-Sep-2006 |
| IBM Corporation (zseries) | Unknown | 8-Sep-2006 |
| IBM eServer | Unknown | 8-Sep-2006 |
| Immunix Communications, Inc. | Unknown | 8-Sep-2006 |
| Ingrian Networks, Inc. | Unknown | 8-Sep-2006 |
| Inner Media, Inc. | Unknown | 8-Sep-2006 |
| Intel Corporation | Unknown | 8-Sep-2006 |
| Internet Security Systems, Inc. | Unknown | 8-Sep-2006 |
| Intoto | Unknown | 20-Sep-2006 |
| IP Filter | Unknown | 8-Sep-2006 |
| Juniper Networks, Inc. | Unknown | 8-Sep-2006 |
| Linksys (A division of Cisco Systems) | Unknown | 8-Sep-2006 |
| Lucent Technologies | Unknown | 8-Sep-2006 |
| Luminous Networks | Unknown | 8-Sep-2006 |
| Mandriva, Inc. | Unknown | 8-Sep-2006 |
| MessageLabs | Unknown | 8-Sep-2006 |
| Microsoft Corporation | Unknown | 8-Sep-2006 |
| MontaVista Software, Inc. | Unknown | 8-Sep-2006 |
| Multinet (owned Process Software Corporation) | Unknown | 8-Sep-2006 |
| Multitech, Inc. | Unknown | 8-Sep-2006 |
| NEC Corporation | Unknown | 8-Sep-2006 |
| NetBSD | Unknown | 8-Sep-2006 |
| netfilter | Unknown | 8-Sep-2006 |
| Network Appliance, Inc. | Unknown | 8-Sep-2006 |
| NextHop Technologies, Inc. | Unknown | 8-Sep-2006 |
| Nokia | Unknown | 8-Sep-2006 |
| Nortel Networks, Inc. | Unknown | 8-Sep-2006 |
| Novell, Inc. | Unknown | 8-Sep-2006 |
| OpenBSD | Unknown | 8-Sep-2006 |
| Openwall GNU/*/Linux | Vulnerable | 20-Sep-2006 |
| Proland Software, Inc. | Unknown | 8-Sep-2006 |
| QNX, Software Systems, Inc. | Unknown | 8-Sep-2006 |
| Red Hat, Inc. | Vulnerable | 20-Sep-2006 |
| Redback Networks, Inc. | Unknown | 8-Sep-2006 |
| Riverstone Networks, Inc. | Unknown | 8-Sep-2006 |
| Secure Computing Network Security Division | Unknown | 8-Sep-2006 |
| Secureworx, Inc. | Unknown | 8-Sep-2006 |
| Silicon Graphics, Inc. | Unknown | 8-Sep-2006 |
| Slackware Linux Inc. | Vulnerable | 25-Sep-2006 |
| Sony Corporation | Unknown | 8-Sep-2006 |
| Sophos, Inc. | Unknown | 8-Sep-2006 |
| Stonesoft | Unknown | 8-Sep-2006 |
| Sun Microsystems, Inc. | Unknown | 8-Sep-2006 |
| SUSE Linux | Unknown | 8-Sep-2006 |
| Symantec, Inc. | Unknown | 8-Sep-2006 |
| The SCO Group | Unknown | 8-Sep-2006 |
| Trendmicro | Unknown | 8-Sep-2006 |
| Trustix Secure Linux | Unknown | 8-Sep-2006 |
| Turbolinux | Unknown | 8-Sep-2006 |
| Ubuntu | Vulnerable | 22-Sep-2006 |
| Unisys | Unknown | 8-Sep-2006 |
| Watchguard Technologies, Inc. | Unknown | 8-Sep-2006 |
| Wind River Systems, Inc. | Unknown | 8-Sep-2006 |
| ZyXEL | Unknown | 8-Sep-2006 |
References
http://www.gzip.org/
http://www.auscert.org.au/7179
Credit
Thanks to Tavis Ormandy, Google Security Team for reporting this issue.
This document was written by Ryan Giobbi.
Other Information
| Date Public: | 2006-06-19 |
| Date First Published: | 2006-09-19 |
| Date Last Updated: | 2007-07-27 |
| CERT Advisory: | |
| CVE-ID(s): | CVE-2006-4335 |
| NVD-ID(s): | CVE-2006-4335 |
| US-CERT Technical Alerts: | |
| Metric: | 1.57 |
| Document Revision: | 55 |
If you have feedback, comments, or additional information about this vulnerability, please send us
email.
|
|
Get Adobe Reader