ID de Prueba:	1.3.6.1.4.1.25623.1.0.800452
Categoría:	Denial of Service
Título:	GZip 'huft_build()' in 'inflate.c' Input Validation Vulnerability - Windows
Resumen:	GZip is prone to Input Validation Vulnerability
Descripción:	Summary: GZip is prone to Input Validation Vulnerability Vulnerability Insight: The flaw is due to error in 'huft_build()' function in 'inflate.c', creates a hufts table that is too small. Vulnerability Impact: Successful exploitation could result in Denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. Affected Software/OS: GZip version prior to 1.3.13 on Windows. Solution: Update to GZip version 1.3.13 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2624 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html Debian Security Information: DSA-1974 (Google Search) http://www.debian.org/security/2010/dsa-1974 http://www.mandriva.com/security/advisories?name=MDVSA-2010:020 http://article.gmane.org/gmane.comp.gnu.gzip.bugs/258 http://secunia.com/advisories/38132 http://secunia.com/advisories/38223 http://secunia.com/advisories/38232 SuSE Security Announcement: SUSE-SA:2010:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://www.ubuntu.com/usn/USN-889-1 http://www.vupen.com/english/advisories/2010/0185
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.