SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!

SecurityTracker
Archives
Category:   Application (Generic)  >   Zlib
Vendors:   [Multiple Authors/Vendors]
(Slackware Issues Fix) 'zlib' Shared Compression Library Contains 'Double Free()' Buffer Overflow That Lets Remote Users Cause Programs Using zlib to Crash or Execute Arbitrary Code
SecurityTracker Alert ID:  1003790
SecurityTracker URL:  http://securitytracker.com/id/1003790
CVE Reference:   CAN-2002-0059   (Links to External Site)
Date:  Mar 12 2002
Impact:   Denial of service via network, Execution of arbitrary code via local system, Execution of arbitrary code via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 1.1.3
Description:   A vulnerability was reported in the zlib shared library, a widely used library that provides in-memory compression and decompression functions. A remote user could cause programs using this library to crash or to execute arbitrary code on the system.

It is reported that certain types of input will cause zlib to free the same area of memory twice (i.e., perform a "double free"), resulting in a buffer overflow condition when expanding compressed input. A remote user can cause programs that process untrusted user-supplied compressed input to crash or potentially execute arbitrary code on the system.

It is reported that web browsers or email programs that display image attachments or other programs that uncompress data may be particularly affected.

It is reported that Matthias Clasen <maclas@gmx.de> and Owen Taylor <otaylor@redhat.com> discovered this bug.

Impact:   A remote user can cause affected programs that use zlib to process untrusted user-supplied compressed input to crash or potentially execute arbitrary code on the system.
Solution:   The vendor has released a fix and urges that users upgrade the zlib package immediately.

Updated zlib package for Slackware 7.1:
ftp://ftp.slackware.com/pub/slackware/slackware-7.1/patches/packages/zlib.tgz

Updated zlib package for Slackware 8.0:
ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/zlib.tgz

Updated zlib package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/zlib-1.1.4/packages/zlib-1.1.4-i386-1.tgz

Here is the md5sum for the package:

Slackware 7.1:
8371e3ea1d8d0f624edc43ede13e82dd zlib.tgz

Slackware 8.0:
7e5187be97632b446c214cf62fc94fff zlib.tgz

Slackware -current:
5d9968475642c822ae11cce8c5504ece zlib-1.1.4-i386-1.tgz

To install, as root, upgrade to the new zlib.tgz package:
# upgradepkg zlib.tgz

Afterwards, restart any running programs that link to libz.so.

Vendor URL:  www.gzip.org/zlib/ (Links to External Site)
Cause:   Boundary error
Underlying OS:   Linux (Slackware)

Message History:   This archive entry is a follow-up to the message listed below.
Mar 11 2002 'zlib' Shared Compression Library Contains 'Double Free()' Buffer Overflow That Lets Remote Users Cause Programs Using zlib to Crash or Execute Arbitrary Code



Source Message Contents

Date:  Mon, 11 Mar 2002 14:12:40 -0800 (PST)
Subject:  [slackware-security] zlib upgrade fixes vulnerability



New zlib packages are available to fix a security problem which may impact
programs that link with zlib.

Here's the information from the Slackware 8.0 ChangeLog:

----------------------------
Mon Mar 11 13:32:40 PST 2002
patches/packages/zlib.tgz:  Upgraded to zlib-1.1.4.  This fixes a security
  problem which may introduce vulnerabilities into any program that links with
  zlib.  Quoting the advisory on zlib.org:

  "Depending upon how and where the zlib routines are called from the given
   program, the resulting vulnerability may have one or more of the following
   impacts: denial of service, information leakage, or execution of arbitrary
   code."

Sites are urged to upgrade the zlib package immediately.

The complete advisory may be found here:
   http://www.zlib.org/advisory-2002-03-11.txt

(* Security fix *)
----------------------------


WHERE TO FIND THE NEW PACKAGE:
------------------------------
Updated zlib package for Slackware 7.1:
ftp://ftp.slackware.com/pub/slackware/slackware-7.1/patches/packages/zlib.tgz

Updated zlib package for Slackware 8.0:
ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/zlib.tgz

Updated zlib package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/zlib-1.1.4/packages/zlib-1.1.4-i386-1.tgz


MD5 SIGNATURE:
--------------

Here is the md5sum for the package:

Slackware 7.1:
8371e3ea1d8d0f624edc43ede13e82dd  zlib.tgz

Slackware 8.0:
7e5187be97632b446c214cf62fc94fff  zlib.tgz

Slackware -current:
5d9968475642c822ae11cce8c5504ece  zlib-1.1.4-i386-1.tgz


INSTALLATION INSTRUCTIONS:
--------------------------

As root, upgrade to the new zlib.tgz package:
# upgradepkg zlib.tgz

Afterwards, restart any running programs that link to libz.so.

Remember, it's also a good idea to backup configuration files before
upgrading packages.

- Slackware Linux Security Team
  http://www.slackware.com


+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST:                         |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back.  Follow the instructions to  |
| complete the unsubscription.  Do not reply to this message to          |
| unsubscribe!                                                           |
+------------------------------------------------------------------------+
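The checksum verification and post-upgrade restart steps described in the Solution section and in the Slackware installation instructions above, as an added shell example that is not part of the zlib advisory or the Slackware message. It assumes GNU md5sum (falling back to BSD md5), takes the package path and the expected digest as parameters, and scans a /proc-style directory that is passed in, so the scan can be tried on a constructed tree; upgradepkg is Slackware's own tool, as in the advisory.

```shell
#!/bin/sh
# Added example, not from the zlib advisory or the Slackware message:
# verify a downloaded package against its published md5sum before running
# upgradepkg, then list processes that still map libz.so so they can be
# restarted. PROCDIR is a parameter (normally /proc) so the scan can be
# tried on a constructed directory tree.

# md5_of FILE -> prints the hex digest (GNU md5sum, falling back to BSD md5)
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        md5 -q "$1"
    fi
}

# verify_package FILE EXPECTED_MD5 -> 0 only when the digest matches.
# A mismatch means a corrupt or tampered download; do not install it.
verify_package() {
    actual=$(md5_of "$1") || return 1
    [ "$actual" = "$2" ]
}

# install_if_verified FILE EXPECTED_MD5 -> runs Slackware's upgradepkg
# only after the checksum check passes.
install_if_verified() {
    if verify_package "$1" "$2"; then
        upgradepkg "$1"
    else
        echo "checksum mismatch for $1, refusing to install" >&2
        return 1
    fi
}

# libz_users PROCDIR -> prints the PIDs whose memory maps reference libz.so.
# After the upgrade these processes keep the old copy loaded until restarted.
libz_users() {
    for maps in "$1"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if grep -q 'libz\.so' "$maps" 2>/dev/null; then
            pid=${maps%/maps}
            echo "${pid##*/}"
        fi
    done
}
```

Run `install_if_verified zlib.tgz <published md5>` as root, then `libz_users /proc` to see which processes still need restarting.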


Copyright 2014, SecurityGlobal.net LLC