CVE-2005-1849 - Unspecified vulnerability in Zlib 1.2.2
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN
zlib
nessus
Summary
inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
Nessus
NASL family: Gentoo Local Security Checks
NASL id: GENTOO_GLSA-200509-18.NASL
description: The remote host is affected by the vulnerability described in GLSA-200509-18 (Qt: Buffer overflow in the included zlib library) Qt links to a bundled vulnerable version of zlib when emerged with the zlib USE-flag disabled. This may lead to a buffer overflow. Impact : By creating a specially crafted compressed data stream, attackers can overwrite data structures for applications that use Qt, resulting in a Denial of Service or potentially arbitrary code execution. Workaround : Emerge Qt with the zlib USE-flag enabled.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19817
published: 2005-10-05
reporter: This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/19817
title: GLSA-200509-18 : Qt: Buffer overflow in the included zlib library
code:

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200509-18.
#
# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(19817);
  script_version("1.18");
  script_cvs_date("Date: 2019/08/02 13:32:42");

  script_cve_id("CVE-2005-1849", "CVE-2005-2096");
  script_xref(name:"GLSA", value:"200509-18");

  script_name(english:"GLSA-200509-18 : Qt: Buffer overflow in the included zlib library");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote Gentoo host is missing one or more security-related patches."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The remote host is affected by the vulnerability described in GLSA-200509-18 (Qt: Buffer overflow in the included zlib library) Qt links to a bundled vulnerable version of zlib when emerged with the zlib USE-flag disabled. This may lead to a buffer overflow. Impact : By creating a specially crafted compressed data stream, attackers can overwrite data structures for applications that use Qt, resulting in a Denial of Service or potentially arbitrary code execution. Workaround : Emerge Qt with the zlib USE-flag enabled."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200507-05"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200507-19"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200509-18"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"All Qt users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=x11-libs/qt-3.3.4-r8'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:qt");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2005/09/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2005/10/05");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

flag = 0;

if (qpkg_check(package:"x11-libs/qt", unaffected:make_list("ge 3.3.4-r8"), vulnerable:make_list("lt 3.3.4-r8"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Qt");
}

NASL family: Gentoo Local Security Checks
NASL id: GENTOO_GLSA-200507-19.NASL
description: The remote host is affected by the vulnerability described in GLSA-200507-19 (zlib: Buffer overflow) zlib improperly handles invalid data streams which could lead to a buffer overflow. Impact : By creating a specially crafted compressed data stream, attackers can overwrite data structures for applications that use zlib, resulting in arbitrary code execution or a Denial of Service. Workaround : There is no known workaround at this time.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19281
published: 2005-07-22
reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/19281
title: GLSA-200507-19 : zlib: Buffer overflow

NASL family: Fedora Local Security Checks
NASL id: FEDORA_2009-10262.NASL
description: deltarpm prior to the current build ships with a bundled copy of zlib. This version of zlib has a known vulnerability with CVE identifier: CVE-2005-1849 This build of deltarpm patches the program to use the system zlib (which was fixed when the vulnerability was first discovered) instead of the bundled copy. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 42122
published: 2009-10-15
reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/42122
title: Fedora 11 : deltarpm-3.4-18.fc11 (2009-10262)

NASL family: Fedora Local Security Checks
NASL id: FEDORA_2005-625.NASL
description: - Fri Jul 22 2005 Ivana Varekova <varekova at redhat.com> 1.2.1.2-3.fc3 - fix bug 163038 - CVE-2005-1849 - zlib overflow problem Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19293
published: 2005-07-24
reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/19293
title: Fedora Core 3 : zlib-1.2.1.2-3.fc3 (2005-625)

NASL family: Debian Local Security Checks
NASL id: DEBIAN_DSA-773.NASL
description: This advisory adds security support for the stable amd64 distribution. It covers all security updates since the release of sarge, which were missing updated packages for the not yet official amd64 port. Future security advisories will include updates for this port as well.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 57528
published: 2012-01-12
reporter: This script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/57528
title: Debian DSA-773-1 : amd64 - several vulnerabilities

NASL family: MacOS X Local Security Checks
NASL id: MACOSX_SECUPD2005-007.NASL
description: The remote host is running a version of Mac OS X 10.4 or 10.3 that does not have Security Update 2005-007 applied. This security update contains fixes for the following products :
  - Apache 2
  - AppKit
  - Bluetooth
  - CoreFoundation
  - CUPS
  - Directory Services
  - HItoolbox
  - Kerberos
  - loginwindow
  - Mail
  - MySQL
  - OpenSSL
  - QuartzComposerScreenSaver
  - ping
  - Safari
  - SecurityInterface
  - servermgrd
  - servermgr_ipfilter
  - SquirrelMail
  - traceroute
  - WebKit
  - WebLog Server
  - X11
  - zlib
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19463
published: 2005-08-18
reporter: This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/19463
title: Mac OS X Multiple Vulnerabilities (Security Update 2005-007)

NASL family: Mandriva Local Security Checks
NASL id: MANDRAKE_MDKSA-2006-070.NASL
description: Tavis Ormandy of the Gentoo Security Project discovered a vulnerability in zlib where a certain data stream would cause zlib to corrupt a data structure, resulting in the linked application to dump core (CVE-2005-2096). Markus Oberhumer discovered additional ways that a specially crafted compressed stream could trigger an overflow. An attacker could create such a stream that would cause a linked application to crash if opened by a user (CVE-2005-1849). Both of these issues have previously been fixed in zlib, but sash links statically against zlib and is thus also affected by these issues. New sash packages are available that link against the updated zlib packages.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 21207
published: 2006-04-11
reporter: This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/21207
title: Mandrake Linux Security Advisory : sash (MDKSA-2006:070)

NASL family: Red Hat Local Security Checks
NASL id: REDHAT-RHSA-2008-0264.NASL
description: Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Two denial-of-service flaws were fixed in ZLib. (CVE-2005-2096, CVE-2005-1849) Multiple flaws were fixed in OpenSSL. (CVE-2006-4343, CVE-2006-4339, CVE-2006-3738, CVE-2006-2940, CVE-2006-2937, CVE-2005-2969) Multiple flaws were fixed in Python. (CVE-2007-4965, CVE-2007-2052, CVE-2006-4980, CVE-2006-1542) Users of Red Hat Network Satellite Server 5.0.1 are advised to upgrade to 5.0.2, which resolves these issues.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 43836
published: 2010-01-10
reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/43836
title: RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0264)

NASL family: FreeBSD Local Security Checks
NASL id: FREEBSD_PKG_837B9FB2059511DA86BC000E0C2E438A.NASL
description: Problem description A fixed-size buffer is used in the decompression of data streams. Due to erroneous analysis performed when zlib was written, this buffer, which was believed to be sufficiently large to handle any possible input stream, is in fact too small. Impact A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 21460
published: 2006-05-13
reporter: This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/21460
title: FreeBSD : zlib -- buffer overflow vulnerability (837b9fb2-0595-11da-86bc-000e0c2e438a)

NASL family: Fedora Local Security Checks
NASL id: FEDORA_2005-626.NASL
description: - Fri Jul 22 2005 Ivana Varekova <varekova at redhat.com> 1.2.2.2-5.fc4 - fix bug 163038 - CVE-2005-1849 - zlib buffer overflow Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19294
published: 2005-07-24
reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/19294
title: Fedora Core 4 : zlib-1.2.2.2-5.fc4 (2005-626)

NASL family: Debian Local Security Checks
NASL id: DEBIAN_DSA-1026.NASL
description: Markus Oberhumer discovered a flaw in the way zlib, a library used for file compression and decompression, handles invalid input. This flaw can cause programs which use zlib to crash when opening an invalid file. A further error in the way zlib handles the inflation of certain compressed files can cause a program which uses zlib to crash when opening an invalid file. sash, the stand-alone shell, links statically against zlib, and was thus affected by these problems.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 22568
published: 2006-10-14
reporter: This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/22568
title: Debian DSA-1026-1 : sash - buffer overflows

NASL family: Debian Local Security Checks
NASL id: DEBIAN_DSA-797.NASL
description: zsync, a file transfer program, includes a modified local copy of the zlib library, and is vulnerable to certain bugs fixed previously in the zlib package. There was a build error for the sarge i386 proftpd packages released in DSA 797-1. A new build, zsync_0.3.3-1.sarge.1.2, has been prepared to correct this error. The packages for other architectures are unaffected.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19567
published: 2005-09-06
reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/19567
title: Debian DSA-797-2 : zsync - denial of service

NASL family: Ubuntu Local Security Checks
NASL id: UBUNTU_USN-151-3.NASL
description: USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could be exploited to cause Denial of Service attacks or even arbitrary code execution with malicious data streams. Since aide is statically linked against the zlib library, it is also affected by these issues. The updated packages have been rebuilt against the fixed zlib. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 20551
published: 2006-01-15
reporter: Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/20551
title: Ubuntu 4.10 / 5.04 / 5.10 : aide vulnerabilities (USN-151-3)

NASL family: Fedora Local Security Checks
NASL id: FEDORA_2009-10237.NASL
description: deltarpm prior to the current build ships with a bundled copy of zlib. This version of zlib has a known vulnerability with CVE identifier: CVE-2005-1849 This build of deltarpm patches the program to use the system zlib (which was fixed when the vulnerability was first discovered) instead of the bundled copy. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 42073
published: 2009-10-09
reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/42073
title: Fedora 11 : deltarpm-3.4-17.fc11 (2009-10237)

NASL family: Ubuntu Local Security Checks
NASL id: UBUNTU_USN-151-1.NASL
description: USN-148-1 fixed an improper input verification of zlib (CAN-2005-2096). Markus Oberhumer discovered additional ways a disrupted stream could trigger a buffer overflow and crash the application using zlib, so another update is necessary. zlib is used by hundreds of server and client applications, so this vulnerability could be exploited to cause Denial of Service attacks to almost all services provided by an Ubuntu system. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 20549
published: 2006-01-15
reporter: Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/20549
title: Ubuntu 4.10 / 5.04 : zlib vulnerability (USN-151-1)

NASL family: Databases
NASL id: MYSQL_4_1_13A_OR_5_0_11.NASL
description: The version of MySQL installed on the remote host is older than 4.1.13a or 5.0.11 and as such, may have been linked with zlib 1.2.2. On operating systems where the MySQL binaries are statically linked (mainly Windows and HP-UX), a remote attacker could crash the server by triggering a buffer overflow in zlib.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 17828
published: 2012-01-18
reporter: This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/17828
title: MySQL < 4.1.13a / 5.0.11 Zlib Library Buffer Overflow

NASL family: Gentoo Local Security Checks
NASL id: GENTOO_GLSA-200507-28.NASL
description: The remote host is affected by the vulnerability described in GLSA-200507-28 (AMD64 x86 emulation base libraries: Buffer overflow) Earlier versions of emul-linux-x86-baselibs contain a vulnerable version of zlib, which may lead to a buffer overflow. Impact : By creating a specially crafted compressed data stream, attackers can overwrite data structures for applications that use the x86 emulation base libraries for AMD64, resulting in a Denial of Service and potentially arbitrary code execution. Workaround : There is no known workaround at this time.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19330
published: 2005-07-31
reporter: This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/19330
title: GLSA-200507-28 : AMD64 x86 emulation base libraries: Buffer overflow

NASL family: Mandriva Local Security Checks
NASL id: MANDRAKE_MDKSA-2005-196.NASL
description: The perl Compress::Zlib module contains an internal copy of the zlib library that was vulnerable to CVE-2005-1849 and CVE-2005-2096. This library was updated with version 1.35 of Compress::Zlib. An updated perl-Compress-Zlib package is now available to provide the fixed module.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 20124
published: 2005-11-02
reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/20124
title: Mandrake Linux Security Advisory : perl-Compress-Zlib (MDKSA-2005:196)

NASL family: Ubuntu Local Security Checks
NASL id: UBUNTU_USN-151-2.NASL
description: USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could be exploited to cause Denial of Service attacks or even arbitrary code execution with malicious data streams. Most applications use the shared library provided by the
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 20550
published: 2006-01-15
reporter: Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/20550
title: Ubuntu 4.10 / 5.04 : dpkg, ia32-libs, amd64-libs vulnerabilities (USN-151-2)

NASL family: Fedora Local Security Checks
NASL id: FEDORA_2009-10233.NASL
description: deltarpm prior to the current build ships with a bundled copy of zlib. This version of zlib has a known vulnerability with CVE identifier: CVE-2005-1849 This build of deltarpm patches the program to use the system zlib (which was fixed when the vulnerability was first discovered) instead of the bundled copy. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 42072
published: 2009-10-09
reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/42072
title: Fedora 10 : deltarpm-3.4-11.fc10.1 (2009-10233)

NASL family: SuSE Local Security Checks
NASL id: SUSE_SA_2005_043.NASL
description: The remote host is missing the patch for the advisory SUSE-SA:2005:043 (zlib). The previous zlib update for CVE-2005-2096 fixed a flaw in zlib that could allow a carefully crafted compressed stream to crash an application. While the original patch corrected the reported overflow, Markus Oberhumer discovered additional ways a stream could trigger an overflow. This update fixes those problems as well. This issue is tracked by the Mitre CVE ID CVE-2005-1849. Since only zlib 1.2.x is affected, older SUSE products are not affected by this problem.
last seen: 2019-10-28
modified: 2005-07-31
plugin id: 19333
published: 2005-07-31
reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/19333
title: SUSE-SA:2005:043: zlib

NASL family: Gentoo Local Security Checks
NASL id: GENTOO_GLSA-200508-01.NASL
description: The remote host is affected by the vulnerability described in GLSA-200508-01 (Compress::Zlib: Buffer overflow) Compress::Zlib 1.34 contains a local vulnerable version of zlib, which may lead to a buffer overflow. Impact : By creating a specially crafted compressed data stream, attackers can overwrite data structures for applications that use Compress::Zlib, resulting in a Denial of Service and potentially arbitrary code execution. Workaround : There is no known workaround at this time.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19361
published: 2005-08-01
reporter: This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/19361
title: GLSA-200508-01 : Compress::Zlib: Buffer overflow

NASL family: Red Hat Local Security Checks
NASL id: REDHAT-RHSA-2008-0525.NASL
description: Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Several flaws in Zlib were discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream is opened by a user. (CVE-2005-2096). An attacker could create a carefully crafted compressed stream that would cause an application to crash if the stream is opened by a user. (CVE-2005-1849) A buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). A flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) An attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. This work-around could allow an attacker, acting as a
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 43838
published: 2010-01-10
reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/43838
title: RHEL 3 / 4 : Solaris client in Satellite Server (RHSA-2008:0525)

NASL family: Red Hat Local Security Checks
NASL id: REDHAT-RHSA-2005-584.NASL
description: Updated zlib packages that fix a buffer overflow are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Zlib is a general-purpose lossless data compression library that is used by many different programs. A previous zlib update, RHSA-2005:569 (CVE-2005-2096) fixed a flaw in zlib that could allow a carefully crafted compressed stream to crash an application. While the original patch corrected the reported overflow, Markus Oberhumer discovered additional ways a stream could trigger an overflow. An attacker could create a carefully crafted compressed stream that would cause an application to crash if the stream is opened by a user. As an example, an attacker could create a malicious PNG image file that would cause a Web browser or mail viewer to crash if the image is viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2005-1849 to this issue. Note that the versions of zlib shipped with Red Hat Enterprise Linux 2.1 and 3 are not vulnerable to this issue. All users should update to these errata packages that contain a patch from Mark Adler that corrects this issue.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19284
published: 2005-07-22
reporter: This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/19284
title: RHEL 4 : zlib (RHSA-2005:584)

NASL family: Ubuntu Local Security Checks
NASL id: UBUNTU_USN-151-4.NASL
description: USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could be exploited to cause Denial of Service attacks or even arbitrary code execution with malicious data streams. Since lsb-rpm is statically linked against the zlib library, it is also affected by these issues. The updated packages have been rebuilt against the fixed zlib. Please note that lsb-rpm is not officially supported (it is in the
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 20552
published: 2006-01-15
reporter: Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/20552
title: Ubuntu 4.10 / 5.04 / 5.10 : rpm vulnerability (USN-151-4)

NASL family: CentOS Local Security Checks
NASL id: CENTOS_RHSA-2005-584.NASL
description: Updated zlib packages that fix a buffer overflow are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Zlib is a general-purpose lossless data compression library that is used by many different programs. A previous zlib update, RHSA-2005:569 (CVE-2005-2096) fixed a flaw in zlib that could allow a carefully crafted compressed stream to crash an application. While the original patch corrected the reported overflow, Markus Oberhumer discovered additional ways a stream could trigger an overflow. An attacker could create a carefully crafted compressed stream that would cause an application to crash if the stream is opened by a user. As an example, an attacker could create a malicious PNG image file that would cause a Web browser or mail viewer to crash if the image is viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2005-1849 to this issue. Note that the versions of zlib shipped with Red Hat Enterprise Linux 2.1 and 3 are not vulnerable to this issue. All users should update to these errata packages that contain a patch from Mark Adler that corrects this issue.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 21948
published: 2006-07-05
reporter: This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/21948
title: CentOS 4 : zlib (CESA-2005:584)

NASL family: Red Hat Local Security Checks
NASL id: REDHAT-RHSA-2008-0629.NASL
description: Red Hat Network Satellite Server version 5.1.1 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Several flaws in Zlib were discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream was opened by a user. (CVE-2005-2096, CVE-2005-1849) A buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). A flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) An attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 was used an attacker could, potentially, forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. This work-around was vulnerable to a man-in-the-middle attack which allowed a remote user to force an SSL connection to use SSL 2.0, rather than a stronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969) During OpenSSL parsing of certain invalid ASN.1 structures, an error condition was mishandled. This could result in an infinite loop which consumed system memory (CVE-2006-2937). Certain public key types could take disproportionate amounts of time to process in OpenSSL, leading to a denial of service. (CVE-2006-2940) A flaw was discovered in the Python repr() function
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 43839
published: 2010-01-10
reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/43839
title: RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0629)

NASL family: Debian Local Security Checks
NASL id: DEBIAN_DSA-763.NASL
description: Markus Oberhumer discovered a flaw in the way zlib, a library used for file compression and decompression, handles invalid input. This flaw can cause programs which use zlib to crash when opening an invalid file. This problem does not affect the old stable distribution (woody).
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19257
published: 2005-07-21
reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/19257
title: Debian DSA-763-1 : zlib - remote DoS

NASL family: Gentoo Local Security Checks
NASL id: GENTOO_GLSA-200603-18.NASL
description: The remote host is affected by the vulnerability described in GLSA-200603-18 (Pngcrush: Buffer overflow) Carsten Lohrke of Gentoo Linux reported that Pngcrush contains a vulnerable version of zlib (GLSA 200507-19). Impact : By creating a specially crafted data stream, attackers can overwrite data structures for applications that use Pngcrush, resulting in a Denial of Service and potentially arbitrary code execution. Workaround : There is no known workaround at this time.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 21125
published: 2006-03-23
reporter: This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/21125
title: GLSA-200603-18 : Pngcrush: Buffer overflow

NASL family: SuSE Local Security Checks
NASL id: SUSE9_10347.NASL
description: The previous zlib update for CVE-2005-2096 fixed a flaw in zlib that could allow a carefully crafted compressed stream to crash an application. While the original patch corrected the reported overflow, Markus Oberhumer discovered additional ways a stream could trigger an overflow. This security update fixes this problem. This issue is tracked by the Mitre CVE ID CVE-2005-1849.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 41078
published: 2009-09-24
reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/41078
title: SuSE9 Security Update : zlib (YOU Patch Number 10347)

NASL family: Mandriva Local Security Checks
NASL id: MANDRAKE_MDKSA-2005-124.NASL
description: A previous zlib update (MDKSA-2005:112; CVE-2005-2096) fixed an overflow flaw in the zlib program. While that update did indeed fix the reported overflow issue, Markus Oberhumer discovered additional ways that a specially crafted compressed stream could trigger an overflow. An attacker could create such a stream that would cause a linked application to crash if opened by a user. The updated packages are provided to protect against this flaw. The Corporate Server 2.1 product is not affected by this vulnerability.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19885
published: 2005-10-05
reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/19885
title: Mandrake Linux Security Advisory : zlib (MDKSA-2005:124)
Oval
accepted | 2013-04-29T04:13:49.717-04:00
class | vulnerability
contributors |
definition_extensions |
description | inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
family | unix
id | oval:org.mitre.oval:def:11402
status | accepted
submitted | 2010-07-09T03:56:16-04:00
title | inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
version | 25
Redhat
advisories |
rpms |
References
- http://www.debian.org/security/2005/dsa-763
- http://security.debian.org/pool/updates/main/z/zlib/zlib_1.2.2-4.sarge.2.diff.gz
- http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
- http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680
- http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml
- http://www.debian.org/security/2005/dsa-797
- http://www.ubuntulinux.org/usn/usn-151-3
- http://www.securityfocus.com/bid/14340
- http://www.osvdb.org/18141
- http://securitytracker.com/id?1014540
- http://secunia.com/advisories/16137
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt
- http://secunia.com/advisories/18377
- http://www.redhat.com/support/errata/RHSA-2005-584.html
- http://secunia.com/advisories/17326
- http://secunia.com/advisories/17516
- http://www.debian.org/security/2006/dsa-1026
- http://secunia.com/advisories/19550
- http://www.gentoo.org/security/en/glsa/glsa-200603-18.xml
- http://secunia.com/advisories/19334
- http://www.novell.com/linux/security/advisories/2005_43_zlib.html
- http://secunia.com/advisories/19597
- http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html
- http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html
- http://secunia.com/advisories/24788
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:196
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:070
- http://www.redhat.com/support/errata/RHSA-2008-0629.html
- http://secunia.com/advisories/31492
- http://www.vupen.com/english/advisories/2007/1267
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21456
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11402
- http://www.securityfocus.com/archive/1/464745/100/0/threaded