// For flags

CVE-2006-4335

multiple vulnerabilities in lha

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a "stack modification vulnerability."

Error de índice de array en la función make_table en unlzh.c en el componente de descompresión LZH en gzip 1.3.5, cuando se ejecuta en ciertas plataformas, permite a atacantes dependientes de contexto provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección vía un archivo GZIP artesanal que dispara una escritura fuera de rango, también conocida como "vulnerabilidad de modificación de pila".

A potential security vulnerability has been identified with the version of GZIP delivered by HP-UX Software Distributor (SD). The vulnerability could be remotely exploited leading to a Denial of Service (DoS).

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-08-24 CVE Reserved
  • 2006-09-19 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-07-13 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (59)
URL Tag Source
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676 X_refsource_misc
http://docs.info.apple.com/article.html?artnum=304829 X_refsource_confirm
http://secunia.com/advisories/21996 Third Party Advisory
http://secunia.com/advisories/22002 Third Party Advisory
http://secunia.com/advisories/22009 Third Party Advisory
http://secunia.com/advisories/22012 Third Party Advisory
http://secunia.com/advisories/22017 Third Party Advisory
http://secunia.com/advisories/22027 Third Party Advisory
http://secunia.com/advisories/22033 Third Party Advisory
http://secunia.com/advisories/22034 Third Party Advisory
http://secunia.com/advisories/22043 Third Party Advisory
http://secunia.com/advisories/22085 Third Party Advisory
http://secunia.com/advisories/22101 Third Party Advisory
http://secunia.com/advisories/22435 Third Party Advisory
http://secunia.com/advisories/22487 Third Party Advisory
http://secunia.com/advisories/22661 Third Party Advisory
http://secunia.com/advisories/23153 Third Party Advisory
http://secunia.com/advisories/23155 Third Party Advisory
http://secunia.com/advisories/23156 Third Party Advisory
http://secunia.com/advisories/23679 Third Party Advisory
http://secunia.com/advisories/24435 Third Party Advisory
http://secunia.com/advisories/24636 Third Party Advisory
http://securitytracker.com/id?1016883 Vdb Entry
http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm X_refsource_confirm
http://www.kb.cert.org/vuls/id/381508 Third Party Advisory
http://www.securityfocus.com/archive/1/446426/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/464268/100/0/threaded Mailing List
http://www.securityfocus.com/bid/20101 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA06-333A.html Third Party Advisory
http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html X_refsource_confirm
http://www.vupen.com/english/advisories/2006/3695 Vdb Entry
http://www.vupen.com/english/advisories/2006/4275 Vdb Entry
http://www.vupen.com/english/advisories/2006/4750 Vdb Entry
http://www.vupen.com/english/advisories/2006/4760 Vdb Entry
http://www.vupen.com/english/advisories/2007/0092 Vdb Entry
http://www.vupen.com/english/advisories/2007/0832 Vdb Entry
http://www.vupen.com/english/advisories/2007/1171 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/29040 Vdb Entry
https://issues.rpath.com/browse/RPL-615 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10391 Signature
URL Date SRC
URL Date SRC
URL Date SRC
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc 2018-10-17
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html 2018-10-17
http://security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.asc 2018-10-17
http://security.gentoo.org/glsa/glsa-200609-13.xml 2018-10-17
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852 2018-10-17
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102766-1 2018-10-17
http://www.gentoo.org/security/en/glsa/glsa-200611-24.xml 2018-10-17
http://www.mandriva.com/security/advisories?name=MDKSA-2006:167 2018-10-17
http://www.novell.com/linux/security/advisories/2006_56_gzip.html 2018-10-17
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.html 2018-10-17
http://www.redhat.com/support/errata/RHSA-2006-0667.html 2018-10-17
http://www.securityfocus.com/archive/1/450078/100/0/threaded 2018-10-17
http://www.securityfocus.com/archive/1/451324/100/0/threaded 2018-10-17
http://www.securityfocus.com/archive/1/462007/100/0/threaded 2018-10-17
http://www.trustix.org/errata/2006/0052 2018-10-17
http://www.ubuntu.com/usn/usn-349-1 2018-10-17
http://www.us.debian.org/security/2006/dsa-1181 2018-10-17
https://access.redhat.com/security/cve/CVE-2006-4335 2006-09-19
https://bugzilla.redhat.com/show_bug.cgi?id=220595 2006-09-19
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gzip
Search vendor "Gzip"
 Gzip
Search vendor "Gzip" for product "Gzip"
 1.3.5
Search vendor "Gzip" for product "Gzip" and version "1.3.5"
-
Affected