(HP Issues Fix for HP-UX Secure Shell) Zlib Buffer Overflow in inflate_table() May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1016242
SecurityTracker URL: http://securitytracker.com/id/1016242
CVE Reference: CVE-2005-2096
Date: Jun 7 2006
Impact: Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Description:
A buffer overflow was reported in zlib in the processing of compressed data streams. A remote user may be able to cause denial of service conditions or execute arbitrary code on the target system. HP-UX Secure Shell is affected.
A user can create a specially crafted compressed data stream that, when processed by an application using zlib, will trigger an overflow in the inflate_table() function and cause the application to crash or execute arbitrary code.
The vulnerability resides in 'inftrees.c'.
Tavis Ormandy of the Gentoo Linux Security Audit Team discovered this vulnerability.
Impact:
A user can cause an application using zlib to crash or execute arbitrary code. The specific impact depends on the application.
Solution:
HP-UX Secure Shell includes the affected zlib library. HP has issued a fix for HP-UX Secure Shell (T1471AA), available at:
http://software.hp.com
HP-UX B.11.00 - HP-UX Secure Shell A.04.20.004
HP-UX B.11.04 - PHSS_34566 or PHSS_34567
HP-UX B.11.11 - HP-UX Secure Shell A.04.20.004
HP-UX B.11.23 - HP-UX Secure Shell A.04.20.005
The HP advisory is available at:
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00589050
Cause:
Boundary error
Underlying OS:
UNIX (HP/UX)
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Date: Wed, 7 Jun 2006 09:14:23 -0400
Subject: HPSBUX02090 SSRT051058 rev.2 - HP-UX Secure Shell Remote Denial of Service (DoS)
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00589050
CVE-2005-2096
CVE-2005-2798