Vulnerabilities > CVE-2004-0797 - Unspecified vulnerability in Zlib 1.2.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service (application crash).
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200408-26.NASL description The remote host is affected by the vulnerability described in GLSA-200408-26 (zlib: Denial of service vulnerability) zlib contains a bug in the handling of errors in the last seen 2020-06-01 modified 2020-06-02 plugin id 14582 published 2004-08-30 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/14582 title GLSA-200408-26 : zlib: Denial of service vulnerability code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 200408-26. # # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(14582); script_version("1.17"); script_cvs_date("Date: 2019/08/02 13:32:41"); script_cve_id("CVE-2004-0797"); script_xref(name:"GLSA", value:"200408-26"); script_name(english:"GLSA-200408-26 : zlib: Denial of service vulnerability"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-200408-26 (zlib: Denial of service vulnerability) zlib contains a bug in the handling of errors in the 'inflate()' and 'inflateBack()' functions. Impact : An attacker could exploit this vulnerability to launch a Denial of Service attack on any application using the zlib library. Workaround : There is no known workaround at this time. All users are encouraged to upgrade to the latest available version of zlib." ); # http://www.openpkg.org/security/OpenPKG-SA-2004.038-zlib.html script_set_attribute( attribute:"see_also", value:"http://meta.openpkg.org/global-sitemap.php" ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/200408-26" ); script_set_attribute( attribute:"solution", value: "All zlib users should upgrade to the latest version: # emerge sync # emerge -pv '>=sys-libs/zlib-1.2.1-r3' # emerge '>=sys-libs/zlib-1.2.1-r3' You should also run revdep-rebuild to rebuild any packages that depend on older versions of zlib : # revdep-rebuild" ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:zlib"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2004/08/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/08/30"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"sys-libs/zlib", unaffected:make_list("ge 1.2.1-r3"), vulnerable:make_list("le 1.2.1-r2"))) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:qpkg_report_get()); else security_note(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "zlib"); }NASL family SuSE Local Security Checks NASL id SUSE_SA_2004_029.NASL description The remote host is missing the patch for the advisory SUSE-SA:2004:029 (zlib). zlib is a widely used data compression library. Programs linked against it include most desktop applications as well as servers such as Apache and OpenSSH. The last seen 2020-06-01 modified 2020-06-02 plugin id 14658 published 2004-09-03 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14658 title SUSE-SA:2004:029: zlib code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # This plugin text was extracted from SuSE Security Advisory SUSE-SA:2004:029 # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(14658); script_bugtraq_id(11051); script_version ("1.12"); script_cve_id("CVE-2004-0797"); name["english"] = "SUSE-SA:2004:029: zlib"; script_name(english:name["english"]); script_set_attribute(attribute:"synopsis", value: "The remote host is missing a vendor-supplied security patch" ); script_set_attribute(attribute:"description", value: "The remote host is missing the patch for the advisory SUSE-SA:2004:029 (zlib). zlib is a widely used data compression library. Programs linked against it include most desktop applications as well as servers such as Apache and OpenSSH. The 'inflate' function of zlib handles certain input data incorrectly which could lead to a denial of service condition for programs using it with untrusted data. Whether the vulnerability can be exploided locally or remotely depends on the application using it. zlib versions older than version 1.2 are not affected." ); script_set_attribute(attribute:"solution", value: "http://www.suse.de/security/2004_29_zlib.html" ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_publication_date", value: "2004/09/03"); script_cvs_date("Date: 2019/10/25 13:36:28"); script_end_attributes(); summary["english"] = "Check for the version of the zlib package"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); family["english"] = "SuSE Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/SuSE/rpm-list"); exit(0); } include("rpm.inc"); if ( rpm_check( reference:"zlib-1.2.1-70.6", release:"SUSE9.1") ) { security_note(0); exit(0); } if ( rpm_check( reference:"zlib-devel-1.2.1-70.6", release:"SUSE9.1") ) { security_note(0); exit(0); } if (rpm_exists(rpm:"zlib-", release:"SUSE9.1") ) { set_kb_item(name:"CVE-2004-0797", value:TRUE); }NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2004-278-02.NASL description New zlib packages are available for Slackware 10.0 and -current to fix a possible denial of service security issue. last seen 2020-06-01 modified 2020-06-02 plugin id 18745 published 2005-07-13 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18745 title Slackware 10.0 / current : zlib DoS (SSA:2004-278-02) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Slackware Security Advisory 2004-278-02. The text # itself is copyright (C) Slackware Linux, Inc. # include("compat.inc"); if (description) { script_id(18745); script_version("1.18"); script_cvs_date("Date: 2019/10/25 13:36:20"); script_cve_id("CVE-2004-0797"); script_xref(name:"SSA", value:"2004-278-02"); script_name(english:"Slackware 10.0 / current : zlib DoS (SSA:2004-278-02)"); script_summary(english:"Checks for updated package in /var/log/packages"); script_set_attribute( attribute:"synopsis", value:"The remote Slackware host is missing a security update." ); script_set_attribute( attribute:"description", value: "New zlib packages are available for Slackware 10.0 and -current to fix a possible denial of service security issue." ); # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.319160 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?c7c2e3b8" ); script_set_attribute(attribute:"solution", value:"Update the affected zlib package."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:zlib"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.0"); script_set_attribute(attribute:"patch_publication_date", value:"2004/10/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/07/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); script_family(english:"Slackware Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("slackware.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware"); if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu); flag = 0; if (slackware_check(osver:"10.0", pkgname:"zlib", pkgver:"1.2.2", pkgarch:"i486", pkgnum:"1")) flag++; if (slackware_check(osver:"current", pkgname:"zlib", pkgver:"1.2.2", pkgarch:"i486", pkgnum:"1")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:slackware_report_get()); else security_note(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2004-090.NASL description Due to a Debian bug report, a Denial of Service vulnerability was discovered in the zlib compression library versions 1.2.x, in the inflate() and inflateBack() functions. Older versions of zlib are not affected. Once the updated packages have been installed, all programs linked against zlib must be restarted for the new packages to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 14679 published 2004-09-08 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14679 title Mandrake Linux Security Advisory : zlib (MDKSA-2004:090) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2004:090. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(14679); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:47"); script_cve_id("CVE-2004-0797"); script_xref(name:"MDKSA", value:"2004:090"); script_name(english:"Mandrake Linux Security Advisory : zlib (MDKSA-2004:090)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandrake Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Due to a Debian bug report, a Denial of Service vulnerability was discovered in the zlib compression library versions 1.2.x, in the inflate() and inflateBack() functions. Older versions of zlib are not affected. Once the updated packages have been installed, all programs linked against zlib must be restarted for the new packages to take effect." ); script_set_attribute( attribute:"solution", value:"Update the affected zlib1 and / or zlib1-devel packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:zlib1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:zlib1-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0"); script_set_attribute(attribute:"patch_publication_date", value:"2004/09/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK10.0", reference:"zlib1-1.2.1-2.1.100mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.0", reference:"zlib1-devel-1.2.1-2.1.100mdk", yank:"mdk")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get()); else security_note(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=252253
- https://bugzilla.fedora.us/show_bug.cgi?id=2043
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.17/SCOSA-2004.17.txt
- http://www.novell.com/linux/security/advisories/2004_29_zlib.html
- http://www.kb.cert.org/vuls/id/238678
- http://security.gentoo.org/glsa/glsa-200408-26.xml
- http://www.osvdb.org/9360
- http://www.osvdb.org/9361
- http://secunia.com/advisories/11129
- http://securitytracker.com/id?1011085
- http://www.securityfocus.com/bid/11051
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt
- http://secunia.com/advisories/18377
- http://secunia.com/advisories/17054
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000865
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000878
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.319160
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:090
- http://marc.info/?l=bugtraq&m=109353792914900&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17119