Executive Summary
Summary | |
---|---|
Title | New zlib packages fix buffer overflow |
Information | |||
---|---|---|---|
Name | DSA-763 | First vendor Publication | 2005-07-20 |
Vendor | Debian | Last vendor Modification | 2005-07-20 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Markus Oberhumer discovered a flaw in the way zlib, a library used for file compression and decompression, handles invalid input. This flaw can cause programs which use zlib to crash when opening an invalid file.

This problem does not affect the old stable distribution (woody).

For the current stable distribution (sarge), this problem has been fixed in version 1.2.2-4.sarge.2.

For the unstable distribution (sid), this problem has been fixed in version 1.2.3-1.

We recommend that you upgrade your zlib package.
Original Source
Url : http://www.debian.org/security/2005/dsa-763 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11402 | |||
Oval ID: | oval:org.mitre.oval:def:11402 | ||
Title: | inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced. | ||
Description: | inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1849 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-19 | Name : Fedora Core 11 FEDORA-2009-10262 (deltarpm) File : nvt/fcore_2009_10262.nasl |
2009-10-13 | Name : Fedora Core 10 FEDORA-2009-10233 (deltarpm) File : nvt/fcore_2009_10233.nasl |
2009-10-13 | Name : Fedora Core 11 FEDORA-2009-10237 (deltarpm) File : nvt/fcore_2009_10237.nasl |
2009-10-10 | Name : SLES9: Security update for zlib File : nvt/sles9p5016451.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200507-19 (zlib) File : nvt/glsa_200507_19.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200507-28 (emul-linux-x86-baselibs) File : nvt/glsa_200507_28.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-01 (Compress-Zlib) File : nvt/glsa_200508_01.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-18 (qt) File : nvt/glsa_200509_18.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200603-18 (pngcrush) File : nvt/glsa_200603_18.nasl |
2008-09-04 | Name : FreeBSD Ports: linux_base-suse File : nvt/freebsd_linux_base-suse.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-05:18.zlib.asc) File : nvt/freebsdsa_zlib1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1026-1 (sash) File : nvt/deb_1026_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 763-1 (zlib) File : nvt/deb_763_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 797-2 (zsync) File : nvt/deb_797_2.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
18141 | zlib inftrees.c Invalid File Overflow Local DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-01-18 | Name : The remote database server is vulnerable to a denial of service attack. File : mysql_4_1_13a_or_5_0_11.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-773.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0629.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0525.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0264.nasl - Type : ACT_GATHER_INFO |
2009-10-15 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10262.nasl - Type : ACT_GATHER_INFO |
2009-10-09 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10233.nasl - Type : ACT_GATHER_INFO |
2009-10-09 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10237.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_10347.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1026.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-584.nasl - Type : ACT_GATHER_INFO |
2006-05-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_837b9fb2059511da86bc000e0c2e438a.nasl - Type : ACT_GATHER_INFO |
2006-04-11 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2006-070.nasl - Type : ACT_GATHER_INFO |
2006-03-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200603-18.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-151-4.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-151-3.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-151-2.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-151-1.nasl - Type : ACT_GATHER_INFO |
2005-11-02 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-196.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-18.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-124.nasl - Type : ACT_GATHER_INFO |
2005-09-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-797.nasl - Type : ACT_GATHER_INFO |
2005-08-18 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2005-007.nasl - Type : ACT_GATHER_INFO |
2005-08-01 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-01.nasl - Type : ACT_GATHER_INFO |
2005-07-31 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_043.nasl - Type : ACT_GATHER_INFO |
2005-07-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200507-28.nasl - Type : ACT_GATHER_INFO |
2005-07-24 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-625.nasl - Type : ACT_GATHER_INFO |
2005-07-24 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-626.nasl - Type : ACT_GATHER_INFO |
2005-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-584.nasl - Type : ACT_GATHER_INFO |
2005-07-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200507-19.nasl - Type : ACT_GATHER_INFO |
2005-07-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-763.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:34:10 |