Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN151-4 : rpm vulnerability Vulnerability Scan

Vulnerability Scan Summary
rpm vulnerability

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- librpm-dev
- librpm4
- lsb-rpm
- rpm

Description :

USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could
be exploited to cause Denial of Service attacks or even arbitrary code
execution with malicious data streams.

Since lsb-rpm is statically linked against the zlib library, it is also
affected by these issues. The updated packagages have been rebuilt
against the fixed zlib.

Please note that lsb-rpm is not officially supported (it is in the "universe"
component of the archive).

Solution :

Upgrade to :
- librpm-dev-4.0.4-31ubuntu1.1 (Ubuntu 5.10)
- librpm4-4.0.4-31ubuntu1.1 (Ubuntu 5.10)
- lsb-rpm-4.0.4-31ubuntu1.1 (Ubuntu 5.10)
- rpm-4.0.4-31ubuntu1.1 (Ubuntu 5.10)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.