Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2004:090 (zlib)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50570

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2004:090 (zlib)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to zlib
announced via advisory MDKSA-2004:090.

Due to a Debian bug report, a Denial of Service vulnerability was
discovered in the zlib compression library versions 1.2.x, in the
inflate() and inflateBack() functions. Older versions of zlib are
not affected.

Once the updated packages have been installed, all programs linked
against zlib must be restarted for the new packages to take effect.

Affected versions: 10.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:090
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0797

Risk factor : Medium

CVSS Score:
2.1

Referencia Cruzada: BugTraq ID: 11051
Common Vulnerability Exposure (CVE) ID: CVE-2004-0797
http://www.securityfocus.com/bid/11051
Bugtraq: 20040825 [OpenPKG-SA-2004.038] OpenPKG Security Advisory (zlib) (Google Search)
http://marc.info/?l=bugtraq&m=109353792914900&w=2
CERT/CC vulnerability note: VU#238678
http://www.kb.cert.org/vuls/id/238678
Conectiva Linux advisory: CLA-2004:865
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000865
Conectiva Linux advisory: CLA-2004:878
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000878
https://bugzilla.fedora.us/show_bug.cgi?id=2043
http://security.gentoo.org/glsa/glsa-200408-26.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:090
OpenBSD Security Advisory: 20040829 017: RELIABILITY FIX: August 29, 2004
http://www.osvdb.org/9360
http://www.osvdb.org/9361
SCO Security Bulletin: SCOSA-2004.17
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.17/SCOSA-2004.17.txt
SCO Security Bulletin: SCOSA-2006.6
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt
http://securitytracker.com/id?1011085
http://secunia.com/advisories/11129
http://secunia.com/advisories/17054
http://secunia.com/advisories/18377
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.319160
SuSE Security Announcement: SUSE-SA:2004:029 (Google Search)
http://www.novell.com/linux/security/advisories/2004_29_zlib.html
XForce ISS Database: zlib-inflate-inflateback-dos(17119)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17119

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50570
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:090 (zlib)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to zlib announced via advisory MDKSA-2004:090. Due to a Debian bug report, a Denial of Service vulnerability was discovered in the zlib compression library versions 1.2.x, in the inflate() and inflateBack() functions. Older versions of zlib are not affected. Once the updated packages have been installed, all programs linked against zlib must be restarted for the new packages to take effect. Affected versions: 10.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0797 Risk factor : Medium CVSS Score: 2.1
Referencia Cruzada:	BugTraq ID: 11051 Common Vulnerability Exposure (CVE) ID: CVE-2004-0797 http://www.securityfocus.com/bid/11051 Bugtraq: 20040825 [OpenPKG-SA-2004.038] OpenPKG Security Advisory (zlib) (Google Search) http://marc.info/?l=bugtraq&m=109353792914900&w=2 CERT/CC vulnerability note: VU#238678 http://www.kb.cert.org/vuls/id/238678 Conectiva Linux advisory: CLA-2004:865 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000865 Conectiva Linux advisory: CLA-2004:878 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000878 https://bugzilla.fedora.us/show_bug.cgi?id=2043 http://security.gentoo.org/glsa/glsa-200408-26.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:090 OpenBSD Security Advisory: 20040829 017: RELIABILITY FIX: August 29, 2004 http://www.osvdb.org/9360 http://www.osvdb.org/9361 SCO Security Bulletin: SCOSA-2004.17 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.17/SCOSA-2004.17.txt SCO Security Bulletin: SCOSA-2006.6 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt http://securitytracker.com/id?1011085 http://secunia.com/advisories/11129 http://secunia.com/advisories/17054 http://secunia.com/advisories/18377 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.319160 SuSE Security Announcement: SUSE-SA:2004:029 (Google Search) http://www.novell.com/linux/security/advisories/2004_29_zlib.html XForce ISS Database: zlib-inflate-inflateback-dos(17119) https://exchange.xforce.ibmcloud.com/vulnerabilities/17119
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com