Executive Summary
Summary | |
---|---|
Title | ncompress security update |
Informations | |||
---|---|---|---|
Name | RHSA-2006:0663 | First vendor Publication | 2006-09-12 |
Vendor | RedHat | Last vendor Modification | 2006-09-12 |
Severity (Vendor) | Low | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated ncompress packages that address a security issue and fix bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The ncompress package contains file compression and decompression utilities, which are compatible with the original UNIX compress utility (.Z file extensions). Tavis Ormandy of the Google Security Team discovered a lack of bounds checking in ncompress. An attacker could create a carefully crafted file that could execute arbitrary code if uncompressed by a victim. (CVE-2006-1168) In addition, two bugs that affected Red Hat Enterprise Linux 4 ncompress packages were fixed: * The display statistics and compression results in verbose mode were not shown when operating on zero length files. * An attempt to compress zero length files resulted in an unexpected return code. Users of ncompress are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 189215 - ncompress does not display statistics when compressing 0 length files 189216 - Bad return code when compressing 0 length files 201335 - CVE-2006-1168 Possibility to underflow a .bss buffer with attacker controlled data |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2006-0663.html |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:27729 | |||
Oval ID: | oval:org.mitre.oval:def:27729 | ||
Title: | DEPRECATED: ELSA-2012-0308 -- busybox security and bug fix update (low) | ||
Description: | [1:1.2.0-13] - Resolves: #768083 'busybox various flaws' including: 'buffer underflow in decompression' 'udhcpc insufficient checking of DHCP options' [1:1.2.0-12] - Resolves: #756723 'Kdump fails after findfs subcommand of busybox fails' [1:1.2.0-11] - Resolves: #689659 ''busybox cp' does not return a correct exit code when 'No space left on device'' | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0308 CVE-2011-2716 CVE-2006-1168 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | busybox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27773 | |||
Oval ID: | oval:org.mitre.oval:def:27773 | ||
Title: | DEPRECATED: ELSA-2012-0810 -- busybox security and bug fix update (low) | ||
Description: | [1:1.15.1-15] - Fix btrfs support to findfs and related applets - Resolves: #751927 [1:1.15.1-14] - Resolves: #790335 'busybox various flaws' Added a fix for SEGV on empty command in hush [1:1.15.1-13] - Resolves: #790335 'busybox various flaws' including: 'buffer underflow in decompression' 'udhcpc insufficient checking of DHCP options' [1:1.15.1-12] - Backport 'set -o pipefail' support - Resolves: #782018 - Add btrfs support to findfs and related applets - Resolves: #751927 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0810 CVE-2011-2716 CVE-2006-1168 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | busybox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9373 | |||
Oval ID: | oval:org.mitre.oval:def:9373 | ||
Title: | The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. | ||
Description: | The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-1168 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-14 | Name : Mandriva Update for busybox MDVSA-2012:129 (busybox) File : nvt/gb_mandriva_MDVSA_2012_129.nasl |
2012-08-14 | Name : Mandriva Update for busybox MDVSA-2012:129-1 (busybox) File : nvt/gb_mandriva_MDVSA_2012_129_1.nasl |
2012-07-30 | Name : CentOS Update for busybox CESA-2012:0810 centos6 File : nvt/gb_CESA-2012_0810_busybox_centos6.nasl |
2012-06-22 | Name : RedHat Update for busybox RHSA-2012:0810-04 File : nvt/gb_RHSA-2012_0810-04_busybox.nasl |
2012-02-21 | Name : RedHat Update for busybox RHSA-2012:0308-03 File : nvt/gb_RHSA-2012_0308-03_busybox.nasl |
2012-02-12 | Name : FreeBSD Ports: FreeBSD File : nvt/freebsd_FreeBSD14.nasl |
2011-11-08 | Name : Mandriva Update for gimp MDVSA-2011:167 (gimp) File : nvt/gb_mandriva_MDVSA_2011_167.nasl |
2011-10-21 | Name : Mandriva Update for libxfont MDVSA-2011:153 (libxfont) File : nvt/gb_mandriva_MDVSA_2011_153.nasl |
2011-10-14 | Name : Mandriva Update for cups MDVSA-2011:146 (cups) File : nvt/gb_mandriva_MDVSA_2011_146.nasl |
2011-09-21 | Name : FreeBSD Ports: libXfont File : nvt/freebsd_libXfont.nasl |
2009-10-10 | Name : SLES9: Security update for ncompress File : nvt/sles9p5010157.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200610-03 (ncompress) File : nvt/glsa_200610_03.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1149-1 (ncompress) File : nvt/deb_1149_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
27868 | ncompress decompress() Function Datastream Handling Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO |
2013-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-02.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-103.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0810.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0308.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2006-0663.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-129.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120221_busybox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120620_busybox_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-07-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0810.nasl - Type : ACT_GATHER_INFO |
2012-06-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0810.nasl - Type : ACT_GATHER_INFO |
2012-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0308.nasl - Type : ACT_GATHER_INFO |
2011-11-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-167.nasl - Type : ACT_GATHER_INFO |
2011-10-18 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-153.nasl - Type : ACT_GATHER_INFO |
2011-10-11 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-146.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ncompress-1911.nasl - Type : ACT_GATHER_INFO |
2006-12-16 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2006-140.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1149.nasl - Type : ACT_GATHER_INFO |
2006-10-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200610-03.nasl - Type : ACT_GATHER_INFO |
2006-09-14 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2006-0663.nasl - Type : ACT_GATHER_INFO |
2006-09-14 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2006-0663.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:50:12 |
|