// For flags

CVE-2006-4334

 

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference.

Vulnerabilidad no especificada en gzip 1.3.5 permite a atacantes dependientes de contexto causar una denegación de servicio (caída) vía un archivo GZIP (gz) artesanal, lo cual resulta en una referencia a NULL.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-08-24 CVE Reserved
  • 2006-09-19 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (54)
URL Tag Source
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676 X_refsource_misc
http://docs.info.apple.com/article.html?artnum=304829 X_refsource_confirm
http://secunia.com/advisories/21996 Third Party Advisory
http://secunia.com/advisories/22002 Third Party Advisory
http://secunia.com/advisories/22009 Third Party Advisory
http://secunia.com/advisories/22012 Third Party Advisory
http://secunia.com/advisories/22017 Third Party Advisory
http://secunia.com/advisories/22027 Third Party Advisory
http://secunia.com/advisories/22033 Third Party Advisory
http://secunia.com/advisories/22034 Third Party Advisory
http://secunia.com/advisories/22043 Third Party Advisory
http://secunia.com/advisories/22085 Third Party Advisory
http://secunia.com/advisories/22101 Third Party Advisory
http://secunia.com/advisories/22435 Third Party Advisory
http://secunia.com/advisories/22487 Third Party Advisory
http://secunia.com/advisories/22661 Third Party Advisory
http://secunia.com/advisories/23155 Third Party Advisory
http://secunia.com/advisories/23679 Third Party Advisory
http://secunia.com/advisories/24435 Third Party Advisory
http://secunia.com/advisories/24636 Third Party Advisory
http://securitytracker.com/id?1016883 Vdb Entry
http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm X_refsource_confirm
http://www.kb.cert.org/vuls/id/933712 Third Party Advisory
http://www.securityfocus.com/archive/1/446426/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/464268/100/0/threaded Mailing List
http://www.securityfocus.com/bid/20101 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA06-333A.html Third Party Advisory
http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html X_refsource_confirm
http://www.vupen.com/english/advisories/2006/4275 Vdb Entry
http://www.vupen.com/english/advisories/2006/4750 Vdb Entry
http://www.vupen.com/english/advisories/2007/0092 Vdb Entry
http://www.vupen.com/english/advisories/2007/0832 Vdb Entry
http://www.vupen.com/english/advisories/2007/1171 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/29038 Vdb Entry
https://issues.rpath.com/browse/RPL-615 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10527 Signature
URL Date SRC
URL Date SRC
URL Date SRC
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc 2018-10-17
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html 2018-10-17
http://security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.asc 2018-10-17
http://security.gentoo.org/glsa/glsa-200609-13.xml 2018-10-17
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852 2018-10-17
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102766-1 2018-10-17
http://www.mandriva.com/security/advisories?name=MDKSA-2006:167 2018-10-17
http://www.novell.com/linux/security/advisories/2006_56_gzip.html 2018-10-17
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.html 2018-10-17
http://www.redhat.com/support/errata/RHSA-2006-0667.html 2018-10-17
http://www.securityfocus.com/archive/1/450078/100/0/threaded 2018-10-17
http://www.securityfocus.com/archive/1/451324/100/0/threaded 2018-10-17
http://www.securityfocus.com/archive/1/462007/100/0/threaded 2018-10-17
http://www.trustix.org/errata/2006/0052 2018-10-17
http://www.ubuntu.com/usn/usn-349-1 2018-10-17
http://www.us.debian.org/security/2006/dsa-1181 2018-10-17
https://access.redhat.com/security/cve/CVE-2006-4334 2006-09-19
https://bugzilla.redhat.com/show_bug.cgi?id=1618181 2006-09-19
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gzip
Search vendor "Gzip"
 Gzip
Search vendor "Gzip" for product "Gzip"
 1.3.5
Search vendor "Gzip" for product "Gzip" and version "1.3.5"
-
Affected