|
Family: Ubuntu Local Security Checks --> Category: infos
USN151-1 : zlib vulnerability Vulnerability Scan
Vulnerability Scan Summary zlib vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- zlib-bin
- zlib1g
- zlib1g-dev
Description :
USN-148-1 fixed an improver input verification of zlib
(CVE-2005-2096). Markus Oberhumer discovered additional ways a
disrupted stream could trigger a buffer overflow and crash the
application using zlib, so another update is necessary.
zlib is used by hundreds of server and client applications, so this
vulnerability could be exploited to cause Denial of Service attacks to
almost all services provided by an Ubuntu system.
Solution :
Upgrade to :
- zlib-bin-1.2.2-4ubuntu1.2 (Ubuntu 5.04)
- zlib1g-1.2.2-4ubuntu1.2 (Ubuntu 5.04)
- zlib1g-dev-1.2.2-4ubuntu1.2 (Ubuntu 5.04)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|