Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2006-4335
Deferred
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-19 Sep, 2006 | 21:07
Updated At-03 Apr, 2025 | 01:03

Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a "stack modification vulnerability."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
gzip
gzip
>>gzip>>1.3.5
cpe:2.3:a:gzip:gzip:1.3.5:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-03-14T00:00:00

Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=220595 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References
HyperlinkSourceResource
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.ascsecalert@redhat.com
N/A
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676secalert@redhat.com
N/A
http://docs.info.apple.com/article.html?artnum=304829secalert@redhat.com
N/A
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.htmlsecalert@redhat.com
N/A
http://secunia.com/advisories/21996secalert@redhat.com
N/A
http://secunia.com/advisories/22002secalert@redhat.com
N/A
http://secunia.com/advisories/22009secalert@redhat.com
N/A
http://secunia.com/advisories/22012secalert@redhat.com
N/A
http://secunia.com/advisories/22017secalert@redhat.com
N/A
http://secunia.com/advisories/22027secalert@redhat.com
N/A
http://secunia.com/advisories/22033secalert@redhat.com
N/A
http://secunia.com/advisories/22034secalert@redhat.com
N/A
http://secunia.com/advisories/22043secalert@redhat.com
N/A
http://secunia.com/advisories/22085secalert@redhat.com
N/A
http://secunia.com/advisories/22101secalert@redhat.com
N/A
http://secunia.com/advisories/22435secalert@redhat.com
N/A
http://secunia.com/advisories/22487secalert@redhat.com
N/A
http://secunia.com/advisories/22661secalert@redhat.com
N/A
http://secunia.com/advisories/23153secalert@redhat.com
N/A
http://secunia.com/advisories/23155secalert@redhat.com
N/A
http://secunia.com/advisories/23156secalert@redhat.com
N/A
http://secunia.com/advisories/23679secalert@redhat.com
N/A
http://secunia.com/advisories/24435secalert@redhat.com
N/A
http://secunia.com/advisories/24636secalert@redhat.com
N/A
http://security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.ascsecalert@redhat.com
N/A
http://security.gentoo.org/glsa/glsa-200609-13.xmlsecalert@redhat.com
N/A
http://securitytracker.com/id?1016883secalert@redhat.com
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852secalert@redhat.com
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102766-1secalert@redhat.com
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-218.htmsecalert@redhat.com
N/A
http://www.gentoo.org/security/en/glsa/glsa-200611-24.xmlsecalert@redhat.com
N/A
http://www.kb.cert.org/vuls/id/381508secalert@redhat.com
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2006:167secalert@redhat.com
N/A
http://www.novell.com/linux/security/advisories/2006_56_gzip.htmlsecalert@redhat.com
N/A
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.htmlsecalert@redhat.com
N/A
http://www.redhat.com/support/errata/RHSA-2006-0667.htmlsecalert@redhat.com
N/A
http://www.securityfocus.com/archive/1/446426/100/0/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/archive/1/450078/100/0/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/archive/1/450078/100/0/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/archive/1/451324/100/0/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/archive/1/462007/100/0/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/archive/1/464268/100/0/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/20101secalert@redhat.com
N/A
http://www.trustix.org/errata/2006/0052/secalert@redhat.com
N/A
http://www.ubuntu.com/usn/usn-349-1secalert@redhat.com
N/A
http://www.us-cert.gov/cas/techalerts/TA06-333A.htmlsecalert@redhat.com
US Government Resource
http://www.us.debian.org/security/2006/dsa-1181secalert@redhat.com
N/A
http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.htmlsecalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2006/3695secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2006/4275secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2006/4750secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2006/4760secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2007/0092secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2007/0832secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2007/1171secalert@redhat.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/29040secalert@redhat.com
N/A
https://issues.rpath.com/browse/RPL-615secalert@redhat.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10391secalert@redhat.com
N/A
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.ascaf854a3a-2127-422b-91ae-364da2661108
N/A
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676af854a3a-2127-422b-91ae-364da2661108
N/A
http://docs.info.apple.com/article.html?artnum=304829af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21996af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22002af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22009af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22012af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22017af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22027af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22033af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22034af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22043af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22085af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22101af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22435af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22487af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22661af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/23153af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/23155af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/23156af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/23679af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/24435af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/24636af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.ascaf854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-200609-13.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1016883af854a3a-2127-422b-91ae-364da2661108
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102766-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-218.htmaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.gentoo.org/security/en/glsa/glsa-200611-24.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kb.cert.org/vuls/id/381508af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2006:167af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2006_56_gzip.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2006-0667.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/446426/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/450078/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/450078/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/451324/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/462007/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/464268/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/20101af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.trustix.org/errata/2006/0052/af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/usn-349-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.us-cert.gov/cas/techalerts/TA06-333A.htmlaf854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.us.debian.org/security/2006/dsa-1181af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/3695af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/4275af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/4750af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/4760af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/0092af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/0832af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/1171af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/29040af854a3a-2127-422b-91ae-364da2661108
N/A
https://issues.rpath.com/browse/RPL-615af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10391af854a3a-2127-422b-91ae-364da2661108
N/A
Change History
0Changes found
Details not found