- Home
- CVEs with nessus.description==From Red Hat Security Advisory 2006:0667 :
Updated gzip packages that fix several security issues are now available for Red Hat Enterprise Linux.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
The gzip package contains the GNU gzip data compression program.
Tavis Ormandy of the Google Security Team discovered two denial of service flaws in the way gzip expanded archive files. If a victim expanded a specially crafted archive, it could cause the gzip executable to hang or crash. (CVE-2006-4334, CVE-2006-4338)
Tavis Ormandy of the Google Security Team discovered several code execution flaws in the way gzip expanded archive files. If a victim expanded a specially crafted archive, it could cause the gzip executable to crash or execute arbitrary code. (CVE-2006-4335, CVE-2006-4336, CVE-2006-4337)
Users of gzip should upgrade to these updated packages, which contain a backported patch and is not vulnerable to these issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top