Mandrake Linux Security Advisory : gzip (MDKSA-2006:167)

high Nessus Plugin ID 24553

Synopsis

The remote Mandrake Linux host is missing a security update.

Description

NULL Dereference (CVE-2006-4334)

A stack modification vulnerability (where a stack buffer can be modified out of bounds, but not in the traditional stack overrun sense) exists in the LZH decompression support of gzip. (CVE-2006-4335)

A .bss buffer underflow exists in gzip's pack support, where a loop from build_tree() does not enforce any lower bound while constructing the prefix table. (CVE-2006-4336)

A .bss buffer overflow vulnerability exists in gzip's LZH support because the make_table() function does not handle exceptional input: a pathological decoding table can be constructed in such a way as to generate counts so high that the rapid growth of `nextcode` exceeds the size of the table[] buffer. (CVE-2006-4337)

A possible infinite loop exists in code from unlzh.c for traversing the branches of a tree structure. This makes it possible to disrupt the operation of automated systems relying on gzip for data decompression, resulting in a minor DoS. (CVE-2006-4338)

Updated packages have been patched to address these issues.
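The make_table() issue (CVE-2006-4337) comes down to building a prefix-code lookup table from untrusted code lengths. The following is an added example, not gzip's code or the vendor patch: a generic single-level table builder that rejects malformed length sets before any write. `build_table_checked`, `MAX_BITS` and the `TBL_*` codes are hypothetical names, and codes longer than `tablebits` are rejected rather than placed in a secondary tree.

```c
#include <stddef.h>
#include <stdint.h>

#define MAX_BITS 16   /* assumption: longest code length the format allows */

enum { TBL_OK = 0, TBL_BAD_LEN = -1, TBL_OVERSUBSCRIBED = -2,
       TBL_INCOMPLETE = -3, TBL_TOO_SMALL = -4 };

/* Fill table[0 .. 2^tablebits) so that table[prefix] = symbol, for a canonical
 * prefix code given as per-symbol bit lengths (0 = symbol unused).
 * Nothing is written to table[] unless every check has passed. */
int build_table_checked(const uint8_t *bitlen, size_t nsym,
                        unsigned tablebits, uint16_t *table, size_t table_len)
{
    uint32_t count[MAX_BITS + 1] = {0};
    uint64_t start[MAX_BITS + 2];
    const uint64_t space = (uint64_t)1 << MAX_BITS;

    if (tablebits == 0 || tablebits > MAX_BITS ||
        table_len < ((size_t)1 << tablebits))
        return TBL_TOO_SMALL;
    for (size_t i = 0; i < nsym; i++) {
        if (bitlen[i] > tablebits)
            return TBL_BAD_LEN;          /* length the table cannot index */
        count[bitlen[i]]++;
    }
    /* start[len] = first code of that length, left-aligned to MAX_BITS bits.
     * 64-bit sums: a large count cannot wrap back to a "complete" total,
     * as it could if the running sum were kept in 16 bits. */
    start[1] = 0;
    for (unsigned len = 1; len <= MAX_BITS; len++) {
        start[len + 1] = start[len] + ((uint64_t)count[len] << (MAX_BITS - len));
        if (start[len + 1] > space)
            return TBL_OVERSUBSCRIBED;   /* codes would run past the table */
    }
    if (start[MAX_BITS + 1] != space)
        return TBL_INCOMPLETE;           /* some prefixes would decode to nothing */

    for (size_t sym = 0; sym < nsym; sym++) {
        unsigned len = bitlen[sym];
        if (len == 0) continue;
        uint64_t first = start[len] >> (MAX_BITS - tablebits);
        uint64_t nextcode = first + ((uint64_t)1 << (tablebits - len));
        if (nextcode > table_len)        /* defence in depth before writing */
            return TBL_OVERSUBSCRIBED;
        for (uint64_t k = first; k < nextcode; k++)
            table[k] = (uint16_t)sym;
        start[len] += (uint64_t)1 << (MAX_BITS - len);
    }
    return TBL_OK;
}
```
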

Solution

Update the affected gzip package.

Plugin Details

Severity: High

ID: 24553

File Name: mandrake_MDKSA-2006-167.nasl

Version: 1.16

Type: local

Published: 2/18/2007

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:gzip, cpe:/o:mandriva:linux:2006

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 9/20/2006

Reference Information

CVE: CVE-2006-4334, CVE-2006-4335, CVE-2006-4336, CVE-2006-4337, CVE-2006-4338

MDKSA: 2006:167