Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN148-1 : zlib vulnerability Vulnerability Scan

Vulnerability Scan Summary
zlib vulnerability

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- zlib-bin
- zlib1g
- zlib1g-dev

Description :

Tavis Ormandy discovered that zlib did not properly verify data
streams. Decompressing certain invalid compressed files caused
corruption of internal data structures, which caused applications
which link to zlib to crash. Specially crafted input might even have
allowed arbitrary code execution.

zlib is used by hundreds of server and client applications, so this
vulnerability could be exploited to cause Denial of Service attacks to
almost all services provided by an Ubuntu system.

Solution :

Upgrade to :
- zlib-bin-1.2.2-4ubuntu1.1 (Ubuntu 5.04)
- zlib1g-1.2.2-4ubuntu1.1 (Ubuntu 5.04)
- zlib1g-dev-1.2.2-4ubuntu1.1 (Ubuntu 5.04)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.