Debian: 2074-1: ncompress: integer underflow

view full story

http://www.linuxsecurity.com – LinuxSecurity.com: Aki Helin discovered an integer underflow in ncompress, the original Lempel-Ziv compress/uncompress programs. This could lead to the execution of arbitrary code when trying to decompress a crafted LZW compressed gzip archive. [More...] (Security)

Submitted by robot1 on 07/21/2010 – Made popular on 07/21/2010

Login or register to post comments
Email this page

Security

Stories similar to Debian: 2074-1: ncompress: integer underflow

Pardus: 2010-86: ncompress: Integer Underflow 2 years 47 weeks ago

LinuxSecurity.com: An integer underflow vulnerability has been fixed which can be used by malicious people to cause denial of service.

USN-889-1: gzip vulnerabilities 3 years 17 weeks ago

Referenced CVEs:

CVE-2009-2624, CVE-2010-0001

Description:

=========================================================== Ubuntu Security Notice USN-889-1 January 20, 2010 gzip vulnerabilities CVE-2009-2624, CVE-2010-0001 ===================================================

Pardus: 2010-81: Tiff: Integer Overflow 2 years 48 weeks ago

LinuxSecurity.com: Multiple integer overflows have been fixed in tiff which can be used by malicious people to execute arbitrary code.

Write this more efficiently? 18 weeks 4 hours ago

I have the following code:

Integer cr = 3; String y = "\"\r\n\"";

for (Integer i = 0; i < cr; i++) { for (Integer j = 0; j < cr; j++) { for (Integer k = 0; k < cr; k++) { for (Integer l = 0; l < cr; l++) { for (Integer m = 0; m < cr; m++) {

compressed and tar file integrity 30 weeks 4 days ago

How can I ensure the folder that I tar and compress is good to be archive in DVD or tape? Must I uncompress and untar the file, or there is any way to tell the integerity of the compressed file before send to archive? I have bad experience on this, which the archive compressed file cold not be opened, the error message is unexpected EOF. I guess it could be incomplete archive process.

Decompress a GZIP "string" compressed in .NET 35 weeks 3 days ago

Hallo,

I've got an issue trying to decompress something that was compressed in VB.NET using Gzip.

In .NET the following occurs to an XML file:

- The file is compressed using Gzip - The result is encrypted using Triple3DES - The result is saved to a file

In Android, I've got the 3DES decryption working fine, which when I open a file where I only encrypted in .NET, returns the XML tha

Utilities to compress and uncompress files in Linux 3 years 3 weeks ago

In this article, it is intended to discuss the following utilities that are used to compress and uncompress files in Linux:

tar gzip & gunzip bzip2 & bunzip2

tar

Ubuntu: 943-1: Thunderbird vulnerabilities 2 years 45 weeks ago

LinuxSecurity.com: Martin Barbella discovered an integer overflow in an XSLT node sortingroutine. An attacker could exploit this to overflow a buffer and cause adenial of service or possibly execute arbitrary code with the privileges ofthe user invoking the program. (CVE-2010-1199) [More...]

How to compress with bzip2 and gzip using xar? 30 weeks 6 days ago

In the "Why Xar" page of the Xar google code page it says:

"Additionally, this means xar can use different compression methods for each file in the archive.

Debian: 2074-1: ncompress: integer underflow

Search

Beautiful linux wallpapers

Tags