Gentoo Linux Security Advisory 201412-8 - This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution.
a863e2eb03f0ac1937834e096aa9a52158ef6e9eb8144f3d6df45b14d4002a27Mandriva Linux Security Advisory 2011-152 - An integer underflow leading to array index error was found in the way gzip used to decompress files / archives, compressed with the Lempel-Ziv-Welch compression algorithm. A remote attacker could provide a specially-crafted LZW compressed gzip archive, which once decompressed by a local, unsuspecting user would lead to gzip crash, or, potentially to arbitrary code execution with the privileges of the user running gzip. The updated packages have been upgraded to the 4.2.4.4 version which is not vulnerable to this issue.
e53828c95c8dd6c339d93d29f1dc8ec20f358bd17aee33d0d87c3ab4ec8d6236Debian Linux Security Advisory 2074-1 - Aki Helin discovered an integer underflow in ncompress, the original Lempel-Ziv compress/uncompress programs. This could lead to the execution of arbitrary code when trying to decompress a crafted LZW compressed gzip archive.
50c62803a6a8a590dea68ddb31eb6f822375c0761f3889df99469706d035eb40Ubuntu Security Notice 889-1 - It was discovered that gzip incorrectly handled certain malformed compressed files. If a user or automated system were tricked into opening a specially crafted gzip file, an attacker could cause gzip to crash or possibly execute arbitrary code with the privileges of the user invoking the program. Aki Helin discovered that gzip incorrectly handled certain malformed files compressed with the Lempel
2d7b396c190d62a5aab0c1e1b39b06e60d46fda949cf0f9f8483b808e93b4b85Mandriva Linux Security Advisory 2010-020 - A missing input sanitation flaw was found in the way gzip used to decompress data blocks for dynamic Huffman codes. A remote attacker could provide a specially-crafted gzip compressed data archive, which once opened by a local, unsuspecting user would lead to denial of service (gzip crash) or, potentially, to arbitrary code execution with the privileges of the user running gzip. An integer underflow leading to array index error was found in the way gzip used to decompress files / archives, compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. A remote attacker could provide a specially-crafted LZW compressed gzip archive, which once decompressed by a local, unsuspecting user would lead to gzip crash, or, potentially to arbitrary code execution with the privileges of the user running gzip. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.
7980610906396d3404f249abea3a118e88d040bb5af629574f6c48ec40499772Mandriva Linux Security Advisory 2010-019 - An integer underflow leading to array index error was found in the way gzip used to decompress files / archives, compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. A remote attacker could provide a specially-crafted LZW compressed gzip archive, which once decompressed by a local, unsuspecting user would lead to gzip crash, or, potentially to arbitrary code execution with the privileges of the user running gzip. The updated packages have been patched to correct this issue.
ff10bc8eca9a6a43d582662f4c5151e1182d17005b3fe1edbc0e40b347c70185Debian Linux Security Advisory 1974-1 - Several vulnerabilities have been found in gzip, the GNU compression utilities.
e397141f9be1ae80a34d9e6ea6e578ba79705dedef10ce6d881ad43ea196457a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed