Test ID:	1.3.6.1.4.1.25623.1.0.54176
Category:	SuSE Local Security Checks
Title:	SuSE Security Advisory SUSE-SA:2005:039 (zlib)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory SUSE-SA:2005:039. A denial of service condition was fixed in the zlib library. Any program using zlib to decompress data can be crashed by a specially handcrafted invalid data stream. This includes web browsers or email programs able to view PNG images (which are compressed by zlib), allowing remote attackers to crash browser sessions or potentially anti virus programs using this vulnerability. This issue is tracked by the Mitre CVE ID CVE-2005-2096. Since only zlib 1.2.x is affected, older SUSE products are not affected by this problem. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2005:039 Risk factor : High CVSS Score: 7.5
Cross-Ref:	BugTraq ID: 14162 Common Vulnerability Exposure (CVE) ID: CVE-2005-2096 1014398 http://securitytracker.com/id?1014398 101989 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1 14162 http://www.securityfocus.com/bid/14162 15949 http://secunia.com/advisories/15949 17054 http://secunia.com/advisories/17054 17225 http://secunia.com/advisories/17225 17236 http://secunia.com/advisories/17236 17326 http://secunia.com/advisories/17326 17516 http://secunia.com/advisories/17516 18377 http://secunia.com/advisories/18377 18406 http://secunia.com/advisories/18406 18507 http://secunia.com/advisories/18507 19550 http://secunia.com/advisories/19550 19597 http://secunia.com/advisories/19597 20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates http://www.securityfocus.com/archive/1/464745/100/0/threaded 20071018 Official Windows binaries of "curl" contain vulnerable zlib 1.2.2 (CAN-2005-2096) http://www.securityfocus.com/archive/1/482505/100/0/threaded 20071018 Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) http://www.securityfocus.com/archive/1/482503/100/0/threaded 20071020 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) http://www.securityfocus.com/archive/1/482571/100/0/threaded 20071021 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) http://www.securityfocus.com/archive/1/482601/100/0/threaded 20071029 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) http://www.securityfocus.com/archive/1/482949/100/0/threaded 20071029 Windows binary of "Virtual Floppy Drive 2.1" contains vulnerable zlib (CAN-2005-2096) http://www.securityfocus.com/archive/1/482950/100/0/threaded 24788 http://secunia.com/advisories/24788 31492 http://secunia.com/advisories/31492 32706 http://secunia.com/advisories/32706 ADV-2005-0978 http://www.vupen.com/english/advisories/2005/0978 ADV-2006-0144 http://www.vupen.com/english/advisories/2006/0144 ADV-2007-1267 http://www.vupen.com/english/advisories/2007/1267 APPLE-SA-2005-08-15 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html APPLE-SA-2005-08-17 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html APPLE-SA-2008-11-13 http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html DSA-1026 http://www.debian.org/security/2006/dsa-1026 DSA-740 http://www.debian.org/security/2005/dsa-740 DSA-797 http://www.debian.org/security/2005/dsa-797 FLSA:162680 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680 FreeBSD-SA-05:16.zlib ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc GLSA-200507-05 http://security.gentoo.org/glsa/glsa-200507-05.xml GLSA-200509-18 http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml HPSBUX02090 http://www.securityfocus.com/archive/1/421411/100/0/threaded MDKSA-2005:112 http://www.mandriva.com/security/advisories?name=MDKSA-2005:112 MDKSA-2005:196 http://www.mandriva.com/security/advisories?name=MDKSA-2005:196 MDKSA-2006:070 http://www.mandriva.com/security/advisories?name=MDKSA-2006:070 RHSA-2005:569 http://www.redhat.com/support/errata/RHSA-2005-569.html RHSA-2008:0629 http://www.redhat.com/support/errata/RHSA-2008-0629.html SCOSA-2006.6 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt SSRT051058 USN-148-1 https://usn.ubuntu.com/148-1/ USN-151-3 http://www.ubuntulinux.org/usn/usn-151-3 VU#680620 http://www.kb.cert.org/vuls/id/680620 hpux-secure-shell-dos(24064) https://exchange.xforce.ibmcloud.com/vulnerabilities/24064 http://support.apple.com/kb/HT3298 http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391 oval:org.mitre.oval:def:11500 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500 oval:org.mitre.oval:def:1262 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262 oval:org.mitre.oval:def:1542 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.