CERT-In Advisory CIAD-2006-34
Multiple vulnerabilities in gzip

Original issue date: September 21, 2006

Severity Rating: Medium

System Affected

gzip 1.x

Overview

Multiple vulnerabilities have been reported in gzip. A remote attacker could exploit these vulnerabilities to run arbitrary code on the affected system or to cause a denial of service.

Description

1. NULL dereference vulnerability in gzip (CVE-2006-4334)

A NULL pointer dereference vulnerability has been reported in gzip. It could be exploited by remote attackers via a crafted GZIP archive to cause a denial of service.

2. Array index error vulnerability in gzip (CVE-2006-4335)

An array index error vulnerability has been reported in the make_table function in unlzh.c, the LZH decompression component of gzip. This vulnerability could be exploited by attackers via a crafted GZIP archive that triggers an out-of-bounds write, causing a denial of service (crash).

3. Buffer underflow vulnerability in gzip (CVE-2006-4336)

A buffer underflow vulnerability has been reported in gzip due to a boundary error in the build_tree function in unpack.c. The vulnerability could allow a remote attacker to execute arbitrary code on the affected system via a crafted GZIP archive.

4. Buffer overflow vulnerability in gzip (CVE-2006-4337)

A buffer overflow vulnerability has been reported in gzip due to a boundary error in the make_table function in the LZH component. The vulnerability could allow a remote attacker to execute arbitrary code on the affected system via a crafted GZIP archive.

5. Denial of Service in unlzh.c (CVE-2006-4338)

A vulnerability has been reported in gzip due to an error in unlzh.c in the LZH component. This may allow a remote attacker to cause a denial of service via a crafted GZIP archive.

Workaround

Do not unpack untrusted archive files.
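
As an added triage example (not code from CERT-In or from the gzip project), the Python below reports which gzip decoder a file's leading magic bytes would select and flags inputs headed for unpack.c or unlzh.c, the source files named in the descriptions above. The magic values are assumed from gzip's own gzip.h, and the sample headers are constructed, not real archives.

```python
"""Pre-decompression triage for the legacy formats named in this advisory.

Constructed helper, not code from CERT-In or from gzip itself. gzip picks a
decoder from the first two bytes of its input (magic values as defined in
gzip.h); this reports which decoder a file would reach and flags unpack.c
and unlzh.c, the sources named in CVE-2006-4335 to CVE-2006-4338.
"""
import sys

# magic -> (format name, gzip source file that decodes it)
DECODERS = {
    b"\x1f\x8b": ("gzip", "inflate.c"),
    b"\x1f\x9e": ("old gzip", "inflate.c"),
    b"\x1f\x1e": ("pack", "unpack.c"),
    b"\x1f\x9d": ("compress (LZW)", "unlzw.c"),
    b"\x1f\xa0": ("lzh", "unlzh.c"),
}
FLAGGED_SOURCES = {"unpack.c", "unlzh.c"}  # decoders named in CIAD-2006-34
DEFLATE = 8  # the only compression method gzip accepts for its own format

def classify(head: bytes) -> dict:
    """Classify the start of a file the way gzip's get_method() does."""
    entry = DECODERS.get(bytes(head[:2]))
    if entry is None:
        return {"format": "not a gzip-family file", "source": None, "flagged": False}
    name, source = entry
    result = {"format": name, "source": source, "flagged": source in FLAGGED_SOURCES}
    if source == "inflate.c":
        # gzip format: byte 2 is the method; gzip rejects anything but deflate (8)
        result["method_ok"] = len(head) > 2 and head[2] == DEFLATE
    return result

def scan(paths):
    """Return the paths gzip would hand to unpack.c or unlzh.c."""
    risky = []
    for path in paths:
        with open(path, "rb") as fh:
            if classify(fh.read(4))["flagged"]:
                risky.append(path)
    return risky

if __name__ == "__main__":
    # constructed sample headers (not real archives), one per decoder of interest
    for name, head in {"deflate": b"\x1f\x8b\x08\x00", "lzh": b"\x1f\xa0\x00\x00",
                       "pack": b"\x1f\x1e\x00\x00"}.items():
        print(name, classify(head))
    for path in scan(sys.argv[1:]):
        print("flagged:", path)
```

Run it with file paths as arguments to list the inputs that would exercise the flagged decoders; a flagged file is not necessarily malicious, only one that reaches code paths this advisory covers.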

Vendor Information

www.gzip.org

References

Original Advisory
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676

Red Hat
http://rhn.redhat.com/errata/RHSA-2006-0667.html

SecurityTracker
http://www.securitytracker.com/alerts/2006/Sep/1016883.html

Secunia
http://secunia.com/advisories/21996/

US-CERT
http://www.kb.cert.org/vuls/id/554780
http://www.kb.cert.org/vuls/id/381508
http://www.kb.cert.org/vuls/id/773548
http://www.kb.cert.org/vuls/id/933712
http://www.kb.cert.org/vuls/id/596848

CVE Name

CVE-2006-4334
CVE-2006-4335
CVE-2006-4336
CVE-2006-4337
CVE-2006-4338

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003