Darksat IT Security Forums
October 22, 2019, 02:16:26 am
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Darksat IT Security Forum
From Firewall Support, AntiVirus Questions, Spyware problems, Linux and Windows Security, Black Hat SEO right down to Website Design and Multimedia
 
  Home Help Search Gallery Links Staff List Login Register  

Multiple security vulnerabilities in gzip


Pages: [1]
  Print  
Author Topic: Multiple security vulnerabilities in gzip  (Read 1038 times)
Darksat
Administrator
Master
*******
Posts: 3303



View Profile WWW
« on: October 04, 2006, 06:56:40 am »

Numerous Linux distributors and the developers of FreeBSD have released new packets of the open source (un)zip program gzip (GNUzip). The update fixes four vulnerabilities. Three of these are based on buffer overflows in the functions make_table in unlzh.c, build_tree in unpack.c and make_table in the LHA support. When unzipping prepared archives, malicious code can be infiltrated onto the computer and be executed in the user's context. The fourth vulnerability is in the function huft_build during LZH processing, however, it merely cases the application to crash.


No official patch is available at present. Users should install the packages for their distribution as quickly as possible.



http://www.astalavista.com/?section=news&cmd=details&newsid=2777
Report Spam   Logged

sacx13
31337
***
Posts: 40


View Profile
« Reply #1 on: October 19, 2006, 06:14:28 am »

The updates are already out for almost every distribution. The most problematic was gzip because is used by mod_gzip apache module Smiley

Regards
Report Spam   Logged
neutron2k
Elite-Member
Master
*****
Posts: 469



View Profile WWW
« Reply #2 on: October 28, 2006, 02:59:12 am »

i've never used gzip compressionon any of my websites (yes you can compress your web sites hehe)
Report Spam   Logged
Darksat
Administrator
Master
*******
Posts: 3303



View Profile WWW
« Reply #3 on: October 28, 2006, 07:40:33 am »

I used GZIP compression on some of my sites.
Saves a bit of space and no real performance hit on speed, which is nice.
Report Spam   Logged

Pages: [1]
  Print  
 
Jump to:  

Powered by EzPortal
eXTReMe Tracker
Security Forum
Bookmark this site! | Upgrade This Forum
SMF For Free - Create your own Forum


Powered by SMF | SMF © 2016, Simple Machines
Privacy Policy
Page created in 0.031 seconds with 13 queries.