Signature Detail
Short Name |
HTTP:STC:DL:GZIP-LHZ |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
gzip LZH Decompression Stack Corruption |
Release Date |
2010/10/04 |
Update Number |
1784 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: gzip LZH Decompression Stack Corruption
This signature detects attempts to exploit a known vulnerability in the LHZ file format. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the client.
Extended Description
The gzip utility is prone to multiple remote buffer-overflow and denial-of-service vulnerabilities when handling malicious archive files. Successful exploits may allow a remote attacker to corrupt process memory by triggering an overflow condition. This may lead to arbitrary code execution in the context of an affected user and may facilitate a remote compromise. Attackers may also trigger denial-of-service conditions by crashing or hanging the application. Specific information regarding affected versions of gzip is currently unavailable. This BID will be updated as more information is released.
Affected Products
- Apple Mac OS X 10.3.0
- Apple Mac OS X 10.3.1
- Apple Mac OS X 10.3.2
- Apple Mac OS X 10.3.3
- Apple Mac OS X 10.3.4
- Apple Mac OS X 10.3.5
- Apple Mac OS X 10.3.6
- Apple Mac OS X 10.3.7
- Apple Mac OS X 10.3.8
- Apple Mac OS X 10.3.9
- Apple Mac OS X 10.4.0
- Apple Mac OS X 10.4.1
- Apple Mac OS X 10.4.2
- Apple Mac OS X 10.4.3
- Apple Mac OS X 10.4.4
- Apple Mac OS X 10.4.5
- Apple Mac OS X 10.4.6
- Apple Mac OS X 10.4.7
- Apple Mac OS X 10.4.8
- Apple Mac OS X Server 10.3.0
- Apple Mac OS X Server 10.3.1
- Apple Mac OS X Server 10.3.2
- Apple Mac OS X Server 10.3.3
- Apple Mac OS X Server 10.3.4
- Apple Mac OS X Server 10.3.5
- Apple Mac OS X Server 10.3.6
- Apple Mac OS X Server 10.3.7
- Apple Mac OS X Server 10.3.8
- Apple Mac OS X Server 10.3.9
- Apple Mac OS X Server 10.4.0
- Apple Mac OS X Server 10.4.1
- Apple Mac OS X Server 10.4.2
- Apple Mac OS X Server 10.4.3
- Apple Mac OS X Server 10.4.4
- Apple Mac OS X Server 10.4.5
- Apple Mac OS X Server 10.4.6
- Apple Mac OS X Server 10.4.7
- Apple Mac OS X Server 10.4.8
- Avaya Converged Communications Server 2.0.0
- Avaya CVLAN
- Avaya Integrated Management
- Avaya Intuity LX
- Avaya Message Networking
- Avaya Messaging Storage Server
- Avaya Predictive Dialing System (PDS) 11.11
- Avaya S8700 CM 3.1
- Avaya S8700 R2.0.0
- Avaya S8700 R2.0.1
- Avaya S8710 CM 3.1
- Avaya S8710 R2.0.0
- Avaya S8710 R2.0.1
- Debian Linux 3.1.0
- Debian Linux 3.1.0 Alpha
- Debian Linux 3.1.0 Amd64
- Debian Linux 3.1.0 Arm
- Debian Linux 3.1.0 Hppa
- Debian Linux 3.1.0 Ia-32
- Debian Linux 3.1.0 Ia-64
- Debian Linux 3.1.0 M68k
- Debian Linux 3.1.0 Mips
- Debian Linux 3.1.0 Mipsel
- Debian Linux 3.1.0 Ppc
- Debian Linux 3.1.0 S/390
- Debian Linux 3.1.0 Sparc
- FreeBSD 1.1.5 .1
- FreeBSD 2.0.0
- FreeBSD 2.0.5
- FreeBSD 2.1.0
- FreeBSD 2.1.0 X
- FreeBSD 2.1.5
- FreeBSD 2.1.6
- FreeBSD 2.1.6 .1
- FreeBSD 2.1.7 .1
- FreeBSD 2.2.0
- FreeBSD 2.2.0 X
- FreeBSD 2.2.2
- FreeBSD 2.2.3
- FreeBSD 2.2.4
- FreeBSD 2.2.5
- FreeBSD 2.2.6
- FreeBSD 2.2.8
- FreeBSD 2.X
- FreeBSD 3.0.0
- FreeBSD 3.0.0 -RELENG
- FreeBSD 3.1.0
- FreeBSD 3.1.0 X
- FreeBSD 3.2.0
- FreeBSD 3.2.0 X
- FreeBSD 3.3.0
- FreeBSD 3.3.0 X
- FreeBSD 3.4.0
- FreeBSD 3.4.0 X
- FreeBSD 3.5.0
- FreeBSD 3.5.0 -STABLE
- FreeBSD 3.5.0 -Stablepre050201
- FreeBSD 3.5.0 -Stablepre122300
- FreeBSD 3.5.0 X
- FreeBSD 3.5.1
- FreeBSD 3.5.1 -RELEASE
- FreeBSD 3.5.1 -STABLE
- FreeBSD 3.5.1 -Stablepre2001-07-20
- FreeBSD 3.X
- FreeBSD 4.0.0
- FreeBSD 4.0.0 Alpha
- FreeBSD 4.0.0 -RELENG
- FreeBSD 4.0.0 .X
- FreeBSD 4.1.0
- FreeBSD 4.10.0
- FreeBSD 4.10.0 -RELEASE
- FreeBSD 4.10.0 -RELEASE-P8
- FreeBSD 4.10.0 -RELENG
- FreeBSD 4.10-PRERELEASE
- FreeBSD 4.1.1
- FreeBSD 4.11.0 -RELEASE
- FreeBSD 4.11.0 -RELEASE-P20
- FreeBSD 4.11.0 -RELEASE-P3
- FreeBSD 4.11.0 -RELENG
- FreeBSD 4.11.0 -STABLE
- FreeBSD 4.1.1 -RELEASE
- FreeBSD 4.1.1 -STABLE
- FreeBSD 4.2.0
- FreeBSD 4.2.0 -RELEASE
- FreeBSD 4.2.0 -STABLE
- FreeBSD 4.2.0 -Stablepre050201
- FreeBSD 4.2.0 -Stablepre122300
- FreeBSD 4.3.0
- FreeBSD 4.3.0 -RELEASE
- FreeBSD 4.3.0 -RELEASE-P38
- FreeBSD 4.3.0 -RELENG
- FreeBSD 4.3.0 -STABLE
- FreeBSD 4.4.0
- FreeBSD 4.4.0 -RELEASE-P42
- FreeBSD 4.4.0 -RELENG
- FreeBSD 4.4.0 -STABLE
- FreeBSD 4.5.0
- FreeBSD 4.5.0 -RELEASE
- FreeBSD 4.5.0 -RELEASE-P32
- FreeBSD 4.5.0 -RELENG
- FreeBSD 4.5.0 -STABLE
- FreeBSD 4.5.0 -Stablepre2002-03-07
- FreeBSD 4.6.0
- FreeBSD 4.6.0 -RELEASE
- FreeBSD 4.6.0 -RELEASE-P20
- FreeBSD 4.6.0 -RELENG
- FreeBSD 4.6.0 -STABLE
- FreeBSD 4.6.2
- FreeBSD 4.7.0
- FreeBSD 4.7.0 -RELEASE
- FreeBSD 4.7.0 -RELEASE-P17
- FreeBSD 4.7.0 -RELENG
- FreeBSD 4.7.0 -STABLE
- FreeBSD 4.8.0
- FreeBSD 4.8.0 -PRERELEASE
- FreeBSD 4.8.0 -RELEASE-P7
- FreeBSD 4.8.0 -RELENG
- FreeBSD 4.9.0
- FreeBSD 4.9.0 -PRERELEASE
- FreeBSD 4.9.0 -RELENG
- FreeBSD 5.0.0
- FreeBSD 5.0.0 Alpha
- FreeBSD 5.0.0 -RELEASE-P14
- FreeBSD 5.0.0 -RELENG
- FreeBSD 5.1.0
- FreeBSD 5.1.0 -RELEASE
- FreeBSD 5.1.0 -RELEASE/Alpha
- FreeBSD 5.1.0 -RELEASE-P5
- FreeBSD 5.1.0 -RELENG
- FreeBSD 5.2.0
- FreeBSD 5.2.0 -RELEASE
- FreeBSD 5.2.0 -RELENG
- FreeBSD 5.2.1 -RELEASE
- FreeBSD 5.3.0
- FreeBSD 5.3.0 -RELEASE
- FreeBSD 5.3.0 -RELENG
- FreeBSD 5.3.0 -STABLE
- FreeBSD 5.4.0 -PRERELEASE
- FreeBSD 5.4.0 -RELEASE
- FreeBSD 5.4.0 -RELENG
- FreeBSD 5.4-STABLE
- FreeBSD 5.5.0 -RELEASE
- FreeBSD 5.5.0 -STABLE
- FreeBSD 6.0.0 -RELEASE
- FreeBSD 6.0.0 -STABLE
- FreeBSD 6.1 -RELEASE
- FreeBSD 6.1 -STABLE
- Gentoo Linux
- GNU gzip 1.2.4
- GNU gzip 1.2.4 A
- GNU gzip 1.3.0
- GNU gzip 1.3.2
- GNU gzip 1.3.3
- GNU gzip 1.3.3 T
- GNU gzip 1.3.4
- GNU gzip 1.3.5
- HP HP-UX B.11.11
- HP HP-UX B.11.23
- HP Tru64 4.0.0 F PK8
- HP Tru64 4.0.0 G PK4
- HP Tru64 5.1.0 A PK6
- HP Tru64 5.1.0 B-2 PK4
- HP Tru64 5.1.0 B-3
- IPCop 1.4.10
- IPCop 1.4.11
- IPCop 1.4.12
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Corporate Server 4.0
- Mandriva Corporate Server 4.0.0 X86 64
- Mandriva Linux Mandrake 2006.0.0
- Mandriva Linux Mandrake 2006.0.0 X86 64
- Mandriva Multi Network Firewall 2.0.0
- OpenPKG 2.0.0
- OpenPKG 2.1.0
- OpenPKG 2.2.0
- OpenPKG 2.3.0
- OpenPKG 2.4.0
- OpenPKG 2.5.0
- OpenPKG Current
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
- Red Hat Desktop 3.0.0
- Red Hat Desktop 4.0.0
- Red Hat Enterprise Linux AS 2.1
- Red Hat Enterprise Linux AS 2.1 IA64
- Red Hat Enterprise Linux AS 3
- Red Hat Enterprise Linux AS 4
- Red Hat Enterprise Linux ES 2.1
- Red Hat Enterprise Linux ES 2.1 IA64
- Red Hat Enterprise Linux ES 3
- Red Hat Enterprise Linux ES 4
- Red Hat Enterprise Linux WS 2.1
- Red Hat Enterprise Linux WS 2.1 IA64
- Red Hat Enterprise Linux WS 3
- Red Hat Enterprise Linux WS 4
- Red Hat Fedora Core3
- Red Hat Fedora Core4
- rPath rPath Linux 1
- SGI ProPack 3.0.0 SP6
- Slackware Linux 10.0.0
- Slackware Linux 10.1.0
- Slackware Linux 10.2.0
- Slackware Linux 8.1.0
- Slackware Linux 9.0.0
- Slackware Linux 9.1.0
- Sun Solaris 10 Sparc
- Sun Solaris 10 X86
- Sun Solaris 8 Sparc
- Sun Solaris 8 X86
- Sun Solaris 9 Sparc
- Sun Solaris 9 X86
- SuSE Linux Desktop 1.0.0
- SuSE Linux Personal 10.0.0 OSS
- SuSE Linux Personal 10.1
- SuSE Linux Personal 9.2.0
- SuSE Linux Personal 9.2.0 X86 64
- SuSE Linux Personal 9.3.0
- SuSE Linux Personal 9.3.0 X86 64
- SuSE Linux Professional 10.0.0
- SuSE Linux Professional 10.0.0 OSS
- SuSE Linux Professional 10.1
- SuSE Linux Professional 9.2.0
- SuSE Linux Professional 9.2.0 X86 64
- SuSE Linux Professional 9.3.0
- SuSE Linux Professional 9.3.0 X86 64
- SuSE SUSE Linux Enterprise SDK 10
- SuSE SUSE Linux Enterprise Server 10
- SuSE SUSE Linux Enterprise Server 8
- SuSE SUSE Linux Enterprise Server 9
- SuSE UnitedLinux 1.0.0
- Trustix Secure Enterprise Linux 2.0.0
- Trustix Secure Linux 2.2.0
- Trustix Secure Linux 3.0.0
- Turbolinux Appliance Server 1.0.0 Hosting Edition
- Turbolinux Appliance Server 1.0.0 Workgroup Edition
- Turbolinux Appliance Server 2.0
- Turbolinux Appliance Server Hosting Edition 1.0.0
- Turbolinux Appliance Server Workgroup Edition 1.0.0
- Turbolinux Home
- Turbolinux Multimedia
- Turbolinux Personal
- Turbolinux 10 F...
- Turbolinux FUJI
- Turbolinux Turbolinux Desktop 10.0.0
- Turbolinux Turbolinux Server 10.0.0
- Turbolinux Turbolinux Server 10.0.0 X86
- Turbolinux Turbolinux Server 7.0.0
- Turbolinux Turbolinux Server 8.0.0
- Ubuntu Ubuntu Linux 5.0.0 4 Amd64
- Ubuntu Ubuntu Linux 5.0.0 4 I386
- Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
- Ubuntu Ubuntu Linux 5.10.0 Amd64
- Ubuntu Ubuntu Linux 5.10.0 I386
- Ubuntu Ubuntu Linux 5.10.0 Powerpc
- Ubuntu Ubuntu Linux 5.10.0 Sparc
- Ubuntu Ubuntu Linux 6.06 LTS Amd64
- Ubuntu Ubuntu Linux 6.06 LTS I386
- Ubuntu Ubuntu Linux 6.06 LTS Powerpc
- Ubuntu Ubuntu Linux 6.06 LTS Sparc
- VMWare ESX 2.1.3
- VMWare ESX Server 2.0.2
- VMWare ESX Server 2.0.2 Patch 1
- VMWare ESX Server 2.0.2 Patch 2
- VMWare ESX Server 2.0.2 Patch 4
- VMWare ESX Server 2.1.3
- VMWare ESX Server 2.1.3 Patch 1
- VMWare ESX Server 2.1.3 Patch 2
- VMWare ESX Server 2.5.3
- VMWare ESX Server 2.5.3 Patch 2
- VMWare ESX Server 2.5.3 Patch 4
- VMWare ESX Server 2.5.3 Patch 5
- VMWare ESX Server 2.5.3 Patch 6
- VMWare ESX Server 2.5.3 Patch 7
- VMWare ESX Server 2.5.4
- VMWare ESX Server 2.5.4 Patch 1
- VMWare ESX Server 2.5.4 Patch 3
- VMWare ESX Server 3.0.0
- VMWare ESX Server 3.0.1
References
- BugTraq: 20101
- CVE: CVE-2006-4335