Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.50697
Kategorie:Mandrake Local Security Checks
Titel:Mandrake Security Advisory MDKSA-2003:033 (zlib)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to zlib
announced via advisory MDKSA-2003:033.

Richard Kettlewell discovered a buffer overflow vulnerability in the
zlib library's gzprintf() function. This can be used by attackers
to cause a denial of service or possibly even the execution of
arbitrary code. Our thanks to the OpenPKG team for providing a patch
which adds the necessary configure script checks to always use the
secure vsnprintf(3) and snprintf(3) functions, and which additionally
adjusts the code to correctly take into account the return value of
vsnprintf(3) and snprintf(3).

Affected versions: 7.2, 8.0, 8.1, 8.2, 9.0, Corporate Server 2.1,
Multi Network Firewall 8.2,

Single Network Firewall 7.2


Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0107
http://online.securityfocus.com/bid/6913

Risk factor : High

CVSS Score:
7.5

Querverweis: BugTraq ID: 6913
Common Vulnerability Exposure (CVE) ID: CVE-2003-0107
http://www.securityfocus.com/bid/6913
Bugtraq: 20030222 buffer overrun in zlib 1.1.4 (Google Search)
http://online.securityfocus.com/archive/1/312869
Bugtraq: 20030223 poc zlib sploit just for fun :) (Google Search)
http://marc.info/?l=bugtraq&m=104610337726297&w=2
Bugtraq: 20030224 Re: buffer overrun in zlib 1.1.4 (Google Search)
http://marc.info/?l=bugtraq&m=104610536129508&w=2
Bugtraq: 20030225 [sorcerer-spells] ZLIB-SORCERER2003-02-25 (Google Search)
http://marc.info/?l=bugtraq&m=104620610427210&w=2
Caldera Security Advisory: CSSA-2003-011.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-011.0.txt
CERT/CC vulnerability note: VU#142121
http://www.kb.cert.org/vuls/id/142121
Conectiva Linux advisory: CLSA-2003:619
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000619
http://marc.info/?l=bugtraq&m=104887247624907&w=2
http://jvn.jp/en/jp/JVN78689801/index.html
http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000066.html
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:033
NETBSD Security Advisory: NetBSD-SA2003-004
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-004.txt.asc
http://www.osvdb.org/6599
http://www.redhat.com/support/errata/RHSA-2003-079.html
http://www.redhat.com/support/errata/RHSA-2003-081.html
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57405
http://www.iss.net/security_center/static/11381.php
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.