Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:124: zlib Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the zlib package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:124 (zlib).
A previous zlib update (MDKSA-2005:112
CVE-2005-2096) fixed an overflow flaw
in the zlib program. While that update did indeed fix the reported overflow
issue, Markus Oberhumber discovered additional ways that a specially-crafted
compressed stream could trigger an overflow. A possible hacker could create such a
stream that would cause a linked application to crash if opened by a user.
The updated packages are provided to protect against this flaw. The Corporate
Server 2.1 product is not affected by this vulnerability.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:124
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.