Intrusion Prevention

Gzip.Get.Buffer.Overflow.FTP

Description

It indicates a possible attempt of a Buffer Overflow attack against Gzip. Gzip is a freely available and open sourced compression tool. Certain versions are vulnerable to a Buffer Overflow because certain versions of Gzip do not handle long filenames. This provides a vector for an attacker to exploit and potentially force arbitrary code execution.

Affected Products

GNU gzip 1.2.4 ? 1.3.

Impact

Compromise of the affected system.

Recommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available. http://www.securityfocus.com/bid/3712/solution.

CVE References

CVE-2001-1228