Executive Summary
| Summary | |
|---|---|
| Title | zlib vulnerability |
| Informations | |||
|---|---|---|---|
| Name | USN-148-1 | First vendor Publication | 2005-07-06 |
| Vendor | Ubuntu | Last vendor Modification | 2005-07-06 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: zlib1g The problem can be corrected by upgrading the affected package to version 1:1.2.1.1-3ubuntu1.1 (for Ubuntu 4.10), or 1:1.2.2-4ubuntu1.1 (for Ubuntu 5.04). A standard system upgrade is NOT SUFFICIENT to effect the necessary changes! If you can afford to reboot your machine, this is the easiest way to ensure that all services using this library are restarted correctly. If not, please manually restart all server applications. Details follow: Tavis Ormandy discovered that zlib did not properly verify data streams. Decompressing certain invalid compressed files caused corruption of internal data structures, which caused applications which link to zlib to crash. Specially crafted input might even have allowed arbitrary code execution. zlib is used by hundreds of server and client applications, so this vulnerability could be exploited to cause Denial of Service attacks to almost all services provided by an Ubuntu system. |
Original Source
| Url : http://www.ubuntu.com/usn/USN-148-1 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11500 | |||
| Oval ID: | oval:org.mitre.oval:def:11500 | ||
| Title: | zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file. | ||
| Description: | zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2005-2096 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:1262 | |||
| Oval ID: | oval:org.mitre.oval:def:1262 | ||
| Title: | zlib Compression Remote DoS Vulnerability (B.11.23) | ||
| Description: | zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2005-2096 | Version: | 1 |
| Platform(s): | HP-UX 11 | Product(s): | SecureShell |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:1542 | |||
| Oval ID: | oval:org.mitre.oval:def:1542 | ||
| Title: | zlib Compression Remote DoS Vulnerability (B.11.00/B.11.11) | ||
| Description: | zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2005-2096 | Version: | 1 |
| Platform(s): | HP-UX 11 | Product(s): | SecureShell |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 3 |
ExploitDB Exploits
| id | Description |
|---|---|
| 2011-04-01 | IPComp encapsulation pre-auth kernel memory corruption |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2009-10-10 | Name : SLES9: Security update for zlib File : nvt/sles9p5016451.nasl |
| 2009-10-10 | Name : SLES9: Security update for perl-Compress-Zlib File : nvt/sles9p5018309.nasl |
| 2009-10-10 | Name : SLES9: Security update for zlib File : nvt/sles9p5021486.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200507-05 (zlib) File : nvt/glsa_200507_05.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200507-28 (emul-linux-x86-baselibs) File : nvt/glsa_200507_28.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-01 (Compress-Zlib) File : nvt/glsa_200508_01.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-18 (qt) File : nvt/glsa_200509_18.nasl |
| 2008-09-04 | Name : FreeBSD Ports: zsync File : nvt/freebsd_zsync.nasl |
| 2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-05:16.zlib.asc) File : nvt/freebsdsa_zlib.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 1026-1 (sash) File : nvt/deb_1026_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 740-1 (zlib) File : nvt/deb_740_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 797-2 (zsync) File : nvt/deb_797_2.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2005-189-01 zlib DoS File : nvt/esoft_slk_ssa_2005_189_01.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 17827 | zlib inftrees.c Crafted Compressed Stream Overflow DoS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2012-01-18 | Name : Arbitrary code could be executed on the remote database server. File : mysql_4_1_13a_or_5_0_10.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-773.nasl - Type : ACT_GATHER_INFO |
| 2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0264.nasl - Type : ACT_GATHER_INFO |
| 2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0629.nasl - Type : ACT_GATHER_INFO |
| 2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0525.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_10347.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_10292.nasl - Type : ACT_GATHER_INFO |
| 2008-11-14 | Name : The remote host contains a web browser that is affected by several issues. File : macosx_Safari3_2.nasl - Type : ACT_GATHER_INFO |
| 2008-11-14 | Name : The remote host contains a web browser that is affected by several issues. File : safari_3_2.nasl - Type : ACT_GATHER_INFO |
| 2006-11-06 | Name : The remote host is missing Sun Security Patch number 119209-36 File : solaris8_119209.nasl - Type : ACT_GATHER_INFO |
| 2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1026.nasl - Type : ACT_GATHER_INFO |
| 2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-569.nasl - Type : ACT_GATHER_INFO |
| 2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-584.nasl - Type : ACT_GATHER_INFO |
| 2006-06-16 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_34566.nasl - Type : ACT_GATHER_INFO |
| 2006-06-16 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_34567.nasl - Type : ACT_GATHER_INFO |
| 2006-05-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_8efe93e2ee6211d983100001020eed82.nasl - Type : ACT_GATHER_INFO |
| 2006-04-11 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2006-070.nasl - Type : ACT_GATHER_INFO |
| 2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-151-4.nasl - Type : ACT_GATHER_INFO |
| 2006-01-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-151-3.nasl - Type : ACT_GATHER_INFO |
| 2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-151-2.nasl - Type : ACT_GATHER_INFO |
| 2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-151-1.nasl - Type : ACT_GATHER_INFO |
| 2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-148-1.nasl - Type : ACT_GATHER_INFO |
| 2005-11-02 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-196.nasl - Type : ACT_GATHER_INFO |
| 2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-124.nasl - Type : ACT_GATHER_INFO |
| 2005-10-05 | Name : The remote host is missing Sun Security Patch number 119212-36 File : solaris9_x86_119212.nasl - Type : ACT_GATHER_INFO |
| 2005-10-05 | Name : The remote host is missing Sun Security Patch number 119211-36 File : solaris9_119211.nasl - Type : ACT_GATHER_INFO |
| 2005-10-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-18.nasl - Type : ACT_GATHER_INFO |
| 2005-09-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-797.nasl - Type : ACT_GATHER_INFO |
| 2005-08-18 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2005-007.nasl - Type : ACT_GATHER_INFO |
| 2005-08-01 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-01.nasl - Type : ACT_GATHER_INFO |
| 2005-07-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200507-28.nasl - Type : ACT_GATHER_INFO |
| 2005-07-31 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_043.nasl - Type : ACT_GATHER_INFO |
| 2005-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-584.nasl - Type : ACT_GATHER_INFO |
| 2005-07-20 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_039.nasl - Type : ACT_GATHER_INFO |
| 2005-07-14 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-565.nasl - Type : ACT_GATHER_INFO |
| 2005-07-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-189-01.nasl - Type : ACT_GATHER_INFO |
| 2005-07-08 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-112.nasl - Type : ACT_GATHER_INFO |
| 2005-07-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200507-05.nasl - Type : ACT_GATHER_INFO |
| 2005-07-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-740.nasl - Type : ACT_GATHER_INFO |
| 2005-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-569.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 12:00:17 |
|
