JVN/CVE Demo: Cveinfos

CVE

Id: 20442
CVE No.: CVE-2006-4338
Status: Candidate
Description: unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive.
Phase: Assigned (20060824)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
190750	20442	CVE-2006-4338	BUGTRAQ:20060919 rPSA-2006-0170-1 gzip	View
190751	20442	CVE-2006-4338	URL:http://www.securityfocus.com/archive/1/archive/1/446426/100/0/threaded	View
190752	20442	CVE-2006-4338	BUGTRAQ:20070330 VMSA-2007-0002 VMware ESX security updates	View
190753	20442	CVE-2006-4338	URL:http://www.securityfocus.com/archive/1/archive/1/464268/100/0/threaded	View
190754	20442	CVE-2006-4338	MISC:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676	View
190755	20442	CVE-2006-4338	CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm	View
190756	20442	CVE-2006-4338	CONFIRM:http://docs.info.apple.com/article.html?artnum=304829	View
190757	20442	CVE-2006-4338	CONFIRM:https://issues.rpath.com/browse/RPL-615	View
190758	20442	CVE-2006-4338	CONFIRM:http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html	View
190759	20442	CVE-2006-4338	APPLE:APPLE-SA-2006-11-28	View
190760	20442	CVE-2006-4338	URL:http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html	View
190761	20442	CVE-2006-4338	DEBIAN:DSA-1181	View
190762	20442	CVE-2006-4338	URL:http://www.us.debian.org/security/2006/dsa-1181	View
190763	20442	CVE-2006-4338	FEDORA:FLSA:211760	View
190764	20442	CVE-2006-4338	URL:http://www.securityfocus.com/archive/1/archive/1/451324/100/0/threaded	View
190765	20442	CVE-2006-4338	FREEBSD:FreeBSD-SA-06:21	View
190766	20442	CVE-2006-4338	URL:http://security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.asc	View
190767	20442	CVE-2006-4338	GENTOO:GLSA-200609-13	View
190768	20442	CVE-2006-4338	URL:http://security.gentoo.org/glsa/glsa-200609-13.xml	View
190769	20442	CVE-2006-4338	GENTOO:GLSA-200611-24	View
190770	20442	CVE-2006-4338	URL:http://www.gentoo.org/security/en/glsa/glsa-200611-24.xml	View
190771	20442	CVE-2006-4338	HP:HPSBTU02168	View
190772	20442	CVE-2006-4338	URL:http://www.securityfocus.com/archive/1/archive/1/450078/100/0/threaded	View
190773	20442	CVE-2006-4338	HP:SSRT061237	View
190774	20442	CVE-2006-4338	URL:http://www.securityfocus.com/archive/1/archive/1/450078/100/0/threaded	View
190775	20442	CVE-2006-4338	HP:HPSBUX02195	View
190776	20442	CVE-2006-4338	URL:http://www.securityfocus.com/archive/1/archive/1/462007/100/0/threaded	View
190777	20442	CVE-2006-4338	MANDRIVA:MDKSA-2006:167	View
190778	20442	CVE-2006-4338	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:167	View
190779	20442	CVE-2006-4338	OPENPKG:OpenPKG-SA-2006.020	View
190780	20442	CVE-2006-4338	URL:http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.html	View
190781	20442	CVE-2006-4338	REDHAT:RHSA-2006:0667	View
190782	20442	CVE-2006-4338	URL:http://www.redhat.com/support/errata/RHSA-2006-0667.html	View
190783	20442	CVE-2006-4338	SGI:20061001-01-P	View
190784	20442	CVE-2006-4338	URL:ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc	View
190785	20442	CVE-2006-4338	SLACKWARE:SSA:2006-262	View
190786	20442	CVE-2006-4338	URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852	View
190787	20442	CVE-2006-4338	SUNALERT:102766	View
190788	20442	CVE-2006-4338	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102766-1	View
190789	20442	CVE-2006-4338	SUSE:SUSE-SA:2006:056	View
190790	20442	CVE-2006-4338	URL:http://www.novell.com/linux/security/advisories/2006_56_gzip.html	View
190791	20442	CVE-2006-4338	TRUSTIX:2006-0052	View
190792	20442	CVE-2006-4338	URL:http://www.trustix.org/errata/2006/0052/	View
190793	20442	CVE-2006-4338	UBUNTU:USN-349-1	View
190794	20442	CVE-2006-4338	URL:http://www.ubuntu.com/usn/usn-349-1	View
190795	20442	CVE-2006-4338	CERT:TA06-333A	View
190796	20442	CVE-2006-4338	URL:http://www.us-cert.gov/cas/techalerts/TA06-333A.html	View
190797	20442	CVE-2006-4338	BID:20101	View
190798	20442	CVE-2006-4338	URL:http://www.securityfocus.com/bid/20101	View
190799	20442	CVE-2006-4338	OVAL:oval:org.mitre.oval:def:11290	View
190800	20442	CVE-2006-4338	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11290	View
190801	20442	CVE-2006-4338	VUPEN:ADV-2006-3695	View
190802	20442	CVE-2006-4338	URL:http://www.vupen.com/english/advisories/2006/3695	View
190803	20442	CVE-2006-4338	VUPEN:ADV-2006-4275	View
190804	20442	CVE-2006-4338	URL:http://www.vupen.com/english/advisories/2006/4275	View
190805	20442	CVE-2006-4338	VUPEN:ADV-2006-4750	View
190806	20442	CVE-2006-4338	URL:http://www.vupen.com/english/advisories/2006/4750	View
190807	20442	CVE-2006-4338	VUPEN:ADV-2006-4760	View
190808	20442	CVE-2006-4338	URL:http://www.vupen.com/english/advisories/2006/4760	View
190809	20442	CVE-2006-4338	VUPEN:ADV-2007-0092	View
190810	20442	CVE-2006-4338	URL:http://www.vupen.com/english/advisories/2007/0092	View
190811	20442	CVE-2006-4338	VUPEN:ADV-2007-0832	View
190812	20442	CVE-2006-4338	URL:http://www.vupen.com/english/advisories/2007/0832	View
190813	20442	CVE-2006-4338	VUPEN:ADV-2007-1171	View
190814	20442	CVE-2006-4338	URL:http://www.vupen.com/english/advisories/2007/1171	View
190815	20442	CVE-2006-4338	OSVDB:29008	View
190816	20442	CVE-2006-4338	URL:http://www.osvdb.org/29008	View
190817	20442	CVE-2006-4338	SECTRACK:1016883	View
190818	20442	CVE-2006-4338	URL:http://securitytracker.com/id?1016883	View
190819	20442	CVE-2006-4338	SECUNIA:22002	View
190820	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22002	View
190821	20442	CVE-2006-4338	SECUNIA:22009	View
190822	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22009	View
190823	20442	CVE-2006-4338	SECUNIA:22017	View
190824	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22017	View
190825	20442	CVE-2006-4338	SECUNIA:22033	View
190826	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22033	View
190827	20442	CVE-2006-4338	SECUNIA:22034	View
190828	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22034	View
190829	20442	CVE-2006-4338	SECUNIA:22012	View
190830	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22012	View
190831	20442	CVE-2006-4338	SECUNIA:22043	View
190832	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22043	View
190833	20442	CVE-2006-4338	SECUNIA:22085	View
190834	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22085	View
190835	20442	CVE-2006-4338	SECUNIA:22101	View
190836	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22101	View
190837	20442	CVE-2006-4338	SECUNIA:22027	View
190838	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22027	View
190839	20442	CVE-2006-4338	SECUNIA:22435	View
190840	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22435	View
190841	20442	CVE-2006-4338	SECUNIA:22661	View
190842	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22661	View
190843	20442	CVE-2006-4338	SECUNIA:22487	View
190844	20442	CVE-2006-4338	URL:http://secunia.com/advisories/22487	View
190845	20442	CVE-2006-4338	SECUNIA:23153	View
190846	20442	CVE-2006-4338	URL:http://secunia.com/advisories/23153	View
190847	20442	CVE-2006-4338	SECUNIA:23155	View
190848	20442	CVE-2006-4338	URL:http://secunia.com/advisories/23155	View
190849	20442	CVE-2006-4338	SECUNIA:23156	View
190850	20442	CVE-2006-4338	URL:http://secunia.com/advisories/23156	View
190851	20442	CVE-2006-4338	SECUNIA:21996	View
190852	20442	CVE-2006-4338	URL:http://secunia.com/advisories/21996	View
190853	20442	CVE-2006-4338	SECUNIA:23679	View
190854	20442	CVE-2006-4338	URL:http://secunia.com/advisories/23679	View
190855	20442	CVE-2006-4338	SECUNIA:24435	View
190856	20442	CVE-2006-4338	URL:http://secunia.com/advisories/24435	View
190857	20442	CVE-2006-4338	SECUNIA:24636	View
190858	20442	CVE-2006-4338	URL:http://secunia.com/advisories/24636	View
190859	20442	CVE-2006-4338	XF:gzip-lhz-dos(29046)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
58361	JVNDB-2006-000557	Mozilla 製品の NSS における RSA 署名を偽造される脆弱性	Mozilla クライアント製品が利用する Network Security Service (NSS) 暗号ライブラリには、RSA 署名の検証における署名の付加データの処理が不適切であるため、公開指数が 3 である RSA 鍵による署名データが適切に処理されない脆弱性が存在します。	CVE-2006-4340	20442	5		http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000557.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.44 MB
View render complete	3.03 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.93
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	389.12
Event: Controller.beforeRender	5.60
» Processing toolbar data	5.50
Rendering View	31.18
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	29.77
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.84
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.15
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/20442
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/20442
Remote Port	9720
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.1
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.145.128
Http Via	1.1 squid-proxy-5b5d847c96-56z77 (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.1
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.1
Unique Id	aOvLDw7mhpB_zEQi_eHTEwAAAWc
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.1
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.1
Redirect Unique Id	aOvLDw7mhpB_zEQi_eHTEwAAAWc
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.1
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.1
Redirect Redirect Unique Id	aOvLDw7mhpB_zEQi_eHTEwAAAWc
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1760283407.6949
Request Time	1760283407

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files