CVE ID:	CVE-2002-0059
Description:	The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data.
Test IDs:	1.3.6.1.4.1.25623.1.0.50798   1.3.6.1.4.1.25623.1.0.50799   1.3.6.1.4.1.25623.1.0.53398
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2002-0059 BugTraq ID: 4267 http://www.securityfocus.com/bid/4267 Bugtraq: 20020311 security problem fixed in zlib 1.1.4 (Google Search) Bugtraq: 20020312 Re: [VulnWatch] exploiting the zlib bug in openssh (Google Search) Bugtraq: 20020312 [OpenPKG-SA-2002.003] OpenPKG Security Advisory (zlib) (Google Search) Bugtraq: 20020312 exploiting the zlib bug in openssh (Google Search) Bugtraq: 20020312 zlib & java (Google Search) Bugtraq: 20020312 zlibscan : script to find suid binaries possibly affected by zlib vulnerability (Google Search) Bugtraq: 20020313 OpenSSH rebuild warning: problems avoiding zlib problems in Solaris (Google Search) Bugtraq: 20020314 Re: about zlib vulnerability - Microsoft products (Google Search) Bugtraq: 20020314 ZLib double free bug: Windows NT potentially unaffected (Google Search) Bugtraq: 20020314 about zlib vulnerability (Google Search) Bugtraq: 20020315 RE: [Whitehat] about zlib vulnerability (Google Search) Bugtraq: 20020318 TSLSA-2002-0040 - zlib (Google Search) Bugtraq: 20020402 VNC Security Bulletin - zlib double free issue (multiple vendors and versions) (Google Search) Caldera Security Advisory: CSSA-2002-014.1 http://www.caldera.com/support/security/advisories/CSSA-2002-014.1.txt Caldera Security Advisory: CSSA-2002-015.1 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-015.1.txt Cert/CC Advisory: CA-2002-07 http://www.cert.org/advisories/CA-2002-07.html CERT/CC vulnerability note: VU#368819 http://www.kb.cert.org/vuls/id/368819 Cisco Security Advisory: 20020403 Vulnerability in the zlib Compression Library Conectiva Linux advisory: CLA-2002:469 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000469 Debian Security Information: DSA-122 (Google Search) http://www.debian.org/security/2002/dsa-122 En Garde Linux Advisory: ESA-20020311-008 FreeBSD Security Advisory: FreeBSD-SA-02:18 HPdes Security Advisory: HPSBTL0204-030 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0204-030 HPdes Security Advisory: HPSBTL0204-036 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0204-036 HPdes Security Advisory: HPSBTL0204-037 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0204-037 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:022 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-023.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-024.php3 OpenBSD Security Advisory: 20020313 015: RELIABILITY FIX: March 13, 2002 RedHat Security Advisories: RHSA-2002:026 http://www.redhat.com/support/errata/RHSA-2002-026.html RedHat Security Advisories: RHSA-2002:027 http://www.redhat.com/support/errata/RHSA-2002-027.html SuSE Security Announcement: SuSE-SA:2002:010 (Google Search) SuSE Security Announcement: SuSE-SA:2002:011 (Google Search) XForce ISS Database: zlib-doublefree-memory-corruption(8427) https://exchange.xforce.ibmcloud.com/vulnerabilities/8427