English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 92446 CVE descriptions
and 51095 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.835145
Category:HP-UX Local Security Checks
Title:HP-UX Update for Software Distributor (SD) HPSBUX02195
Summary:Check for the Version of Software Distributor (SD)
Description:Description:


Vulnerability Insight:
A potential security vulnerability has been identified with the version of
GZIP delivered by HP-UX Software Distributor (SD). The vulnerability could
be remotely exploited leading to a Denial of Service (DoS).

Impact:
Remote Denial of Service (DoS)

Affected Software/OS:
Software Distributor (SD) on
HP-UX B.11.11 and B.11.23 running Software Distributor (SD)

Fix: Please Install the Updated Packages.

References:
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00874667-2

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-4334
Bugtraq: 20060919 rPSA-2006-0170-1 gzip (Google Search)
http://www.securityfocus.com/archive/1/archive/1/446426/100/0/threaded
Bugtraq: 20070330 VMSA-2007-0002 VMware ESX security updates (Google Search)
http://www.securityfocus.com/archive/1/archive/1/464268/100/0/threaded
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
Debian Security Information: DSA-1181 (Google Search)
http://www.us.debian.org/security/2006/dsa-1181
http://www.securityfocus.com/archive/1/archive/1/451324/100/0/threaded
FreeBSD Security Advisory: FreeBSD-SA-06:21
http://security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.asc
http://security.gentoo.org/glsa/glsa-200609-13.xml
HPdes Security Advisory: HPSBTU02168
http://www.securityfocus.com/archive/1/archive/1/450078/100/0/threaded
HPdes Security Advisory: SSRT061237
HPdes Security Advisory: HPSBUX02195
http://www.securityfocus.com/archive/1/archive/1/462007/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDKSA-2006:167
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.html
http://www.redhat.com/support/errata/RHSA-2006-0667.html
SGI Security Advisory: 20061001-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102766-1
SuSE Security Announcement: SUSE-SA:2006:056 (Google Search)
http://www.novell.com/linux/security/advisories/2006_56_gzip.html
http://www.trustix.org/errata/2006/0052/
http://www.ubuntu.com/usn/usn-349-1
Cert/CC Advisory: TA06-333A
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
CERT/CC vulnerability note: VU#933712
http://www.kb.cert.org/vuls/id/933712
BugTraq ID: 20101
http://www.securityfocus.com/bid/20101
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10527
http://www.vupen.com/english/advisories/2006/4275
http://www.vupen.com/english/advisories/2006/4750
http://www.vupen.com/english/advisories/2007/0092
http://www.vupen.com/english/advisories/2007/0832
http://www.vupen.com/english/advisories/2007/1171
http://securitytracker.com/id?1016883
http://secunia.com/advisories/22002
http://secunia.com/advisories/22009
http://secunia.com/advisories/22017
http://secunia.com/advisories/22033
http://secunia.com/advisories/22034
http://secunia.com/advisories/22012
http://secunia.com/advisories/22043
http://secunia.com/advisories/22085
http://secunia.com/advisories/22101
http://secunia.com/advisories/22027
http://secunia.com/advisories/22435
http://secunia.com/advisories/22661
http://secunia.com/advisories/22487
http://secunia.com/advisories/23155
http://secunia.com/advisories/21996
http://secunia.com/advisories/23679
http://secunia.com/advisories/24435
http://secunia.com/advisories/24636
XForce ISS Database: gzip-huftbuild-code-execution(29038)
http://xforce.iss.net/xforce/xfdb/29038
Common Vulnerability Exposure (CVE) ID: CVE-2006-4335
http://www.gentoo.org/security/en/glsa/glsa-200611-24.xml
CERT/CC vulnerability note: VN#381508
http://www.kb.cert.org/vuls/id/381508
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10391
http://www.vupen.com/english/advisories/2006/3695
http://www.vupen.com/english/advisories/2006/4760
http://secunia.com/advisories/23153
http://secunia.com/advisories/23156
XForce ISS Database: gzip-lzh-array-code-execution(29040)
http://xforce.iss.net/xforce/xfdb/29040
Common Vulnerability Exposure (CVE) ID: CVE-2006-4336
CERT/CC vulnerability note: VN#554780
http://www.kb.cert.org/vuls/id/554780
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10140
XForce ISS Database: gzip-unpack-buffer-underflow(29042)
http://xforce.iss.net/xforce/xfdb/29042
Common Vulnerability Exposure (CVE) ID: CVE-2006-4337
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11212
Common Vulnerability Exposure (CVE) ID: CVE-2006-4338
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11290
http://www.osvdb.org/29008
XForce ISS Database: gzip-lhz-dos(29046)
http://xforce.iss.net/xforce/xfdb/29046
CopyrightCopyright (C) 2009 Greenbone Networks GmbH

This is only one of 51095 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2016 E-Soft Inc. All rights reserved.