| AnNyung Official Homepage | Home > Update [ 1.2 ] |
|
HOME What is AnNyung Documents Packages System White Paper Download Update . 3.x [RSS] . 2.x [RSS] . 1.3 [RSS] . 1.2 [RSS] . 1.1 [RSS] . 1.0 [RSS] FAQ Hardware RoadMap Gallery |
|
gzip 보안 업데이트 
Web Browser 로는 FTP 접속이 불가능 합니다. 문서번호 : 1158907559 업데이트 : 2006.09.22 상세내용 CVE-2006-4334: Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference. CVE-2006-4335: Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a "stack modification vulnerability." CVE-2006-4336: Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index. CVE-2006-4337: Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive. CVE-2006-4338: unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive. Autoupdates 지원 : 지원 update 패키지 RPMS : . gzip-1.3.3-16.i686.rpm SRPMS : . gzip-1.3.3-16.src.rpm 참고 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338 |
Home > Update [ 1.2 ]
Copyright 2024 OOPS Development Organization
LAST MODIFIED: 2018/04/10