Intrusion Prevention



It indicates a possible attempt of a Buffer Overflow attack against Gzip. Gzip is a freely available and open sourced compression tool. Certain versions are vulnerable to a Buffer Overflow because certain versions of Gzip do not handle long filenames. This provides a vector for an attacker to exploit and potentially force arbitrary code execution.

Affected Products

GNU gzip 1.2.4 ? 1.3.


Compromise of the affected system.

Recommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.

CVE References