SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Generic)  >   Zlib Vendors:   GNU [multiple authors]
Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1014398
SecurityTracker URL:  http://securitytracker.com/id/1014398
CVE Reference:   CVE-2005-2096   (Links to External Site)
Updated:  Jun 7 2006
Original Entry Date:  Jul 6 2005
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.2.2
Description:   A buffer overflow was reported in zlib in the processing of compressed data streams. A remote user may be able to cause denial of service conditions or execute arbitrary code on the target system.

A user can create a specially crafted compressed data stream that, when processed by an application using zlib, will trigger an overflow in the inflate_table() function and cause the application to crash or execute arbitrary code.

The vulnerability resides in 'inftrees.c'.

Tavis Ormandy of the Gentoo Linux Security Audit Team discovered this vulnerability.
Impact:   A user can cause an application using zlib to crash or execute arbitrary code. The specific impact depends on the application.
Solution:   The vendor has issued a source code fix. Various operating system distribution vendors are issuing fixes for their distributions [a separate alert will be issued for each distribution].
Vendor URL:  www.zlib.org/ (Links to External Site)
Cause:   Boundary error
Underlying OS:   Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jul 6 2005 (Red Hat Issues Fix) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code   (bugzilla@redhat.com)
Red Hat has released a fix.
Jul 6 2005 (FreeBSD Issues Fix) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code   (FreeBSD Security Advisories <security-advisories@freebsd.org>)
FreeBSD has released a fix.
Jul 6 2005 (Debian Issues Fix) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code   (Michael Stone <mstone@klecker.debian.org>)
Debian has released a fix.
Jul 6 2005 (Gentoo Issues Fix) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code   (Thierry Carrez <koon@gentoo.org>)
Gentoo has issued a fix.
Jul 6 2005 (Ubuntu Issues Fix) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code   (Martin Pitt <martin.pitt@canonical.com>)
Ubuntu has issued a fix.
Jul 8 2005 (OpenBSD Issues Fix) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code   ("Todd C. Miller" <Todd.Miller@courtesan.com>)
OpenBSD has released a fix.
Jul 9 2005 (Mandrake Issues Fix) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code   (Mandriva Security Team <security@mandriva.com>)
Mandriva has released a fix.
Jul 11 2005 (NetBSD Base Not Affected; Fix Available for pkgsrc) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code   (NetBSD Security-Officer <security-officer@NetBSD.org>)
NetBSD Base is not affected. The version from pkgsrc is affected, and a fix is available.
Aug 16 2005 (Apple Issues Fix) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code   (Apple Product Security <product-security@apple.com>)
Apple has issued a fix for Mac OS X 10.4.2.
Sep 2 2005 (Debian Issues Fix for zsync) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code   (Michael Stone <mstone@klecker.debian.org>)
Debian has issued a fix for zsync, which is affected by the zlib vulnerability.
Jun 7 2006 (HP Issues Fix for HP-UX Secure Shell) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code
HP has issued a fix for HP-UX Secure Shell, which is affected by the zlib vulnerability.
May 20 2008 (Red Hat Issues Fix for Red Hat Network Satellite Server) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code   (bugzilla@redhat.com)
Red Hat has released a fix for Red Hat Network Satellite Server 5.x.


 Source Message Contents
Date:  Wed, 6 Jul 2005 10:47:52 -0400
Subject:  [none]


A buffer overflow was reported in zlib in the processing of compressed data streams.

A user can create a specially crafted compressed data stream that, when processed
by an application using zlib, will trigger the overflow and cause the application
to crash or execute arbitrary code.

The vulnerability resides in 'inftrees.c'.

Tavis Ormandy of the Gentoo Linux Security Audit Team discovered this vulnerability.

CVE: CAN-2005-2096


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC