FreeBSD Security Advisory (FreeBSD-SA-06:21.gzip.asc) Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:21.gzip.asc

Solution

Upgrade your system to the appropriate stable release or security branch dated after the correction date https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:21.gzip.asc

Insight

gzip is a file compression utility. Multiple programming errors have been found in gzip which can be triggered when gzip is decompressing files. These errors include insufficient bounds checks in buffer use, a NULL pointer dereference, and a potential infinite loop.

Severity

Classification

CVE CVE-2006-4334, CVE-2006-4338

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

FreeBSD Ports: apache+ssl
FreeBSD Ports: cgiwrap
FreeBSD Ports: apr1
FreeBSD Ports: bacula
FreeBSD Ports: clamav

Take action and discover your vulnerabilities