unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent malicious users to cause a denial of service (infinite loop) via a crafted GZIP archive.
Tavis Ormandy discovered that gzip did not sufficiently verify the
validity of gzip or compress archives while unpacking. By tricking a
user or automated system into unpacking a specially crafted compressed
file, this could be exploited to execute arbitrary code with the
user’s privileges ...
Debian Bug report logs - #401301
lha: LHa Multiple Vulnerabilities
Package: lha; Maintainer for lha is (unknown);
Reported by: Stefan Fritsch <sf@sfritschde>
Date: Sat, 2 Dec 2006 13:03:11 UTC
Severity: grave
Tags: security
Found in version lha/114i-10
Fixed in version 114i-101
Done: Moritz Muehlenhoff <jmm@inuti ...
Tavis Ormandy from the Google Security Team discovered several
vulnerabilities in gzip, the GNU compression utility. The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2006-4334
A null pointer dereference may lead to denial of service if gzip is
used in an automated manner.
CVE-2006-4335
Missing bou ...