Test ID:	1.3.6.1.4.1.25623.1.0.54194
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2005-189-01)
Summary:	The remote host is missing an update for the 'zlib' package(s) announced via the SSA:2005-189-01 advisory.
Description:	Summary: The remote host is missing an update for the 'zlib' package(s) announced via the SSA:2005-189-01 advisory. Vulnerability Insight: New zlib packages are available for Slackware 10.0, 10.1, and -current to fix a denial of service security issue. zlib 1.1.x is not affected. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [link moved to references] Here are the details from the Slackware 10.1 ChangeLog: +--------------------------+ patches/packages/zlib-1.2.2-i486-2.tgz: Patched an overflow in zlib that could cause applications using zlib to crash. The overflow does not involve user supplied data, and therefore does not allow the execution of arbitrary code. However, it could still be used by a remote attacker to create a denial of service. For more information, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'zlib' package(s) on Slackware 10.0, Slackware 10.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2096 1014398 http://securitytracker.com/id?1014398 101989 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1 14162 http://www.securityfocus.com/bid/14162 15949 http://secunia.com/advisories/15949 17054 http://secunia.com/advisories/17054 17225 http://secunia.com/advisories/17225 17236 http://secunia.com/advisories/17236 17326 http://secunia.com/advisories/17326 17516 http://secunia.com/advisories/17516 18377 http://secunia.com/advisories/18377 18406 http://secunia.com/advisories/18406 18507 http://secunia.com/advisories/18507 19550 http://secunia.com/advisories/19550 19597 http://secunia.com/advisories/19597 20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates http://www.securityfocus.com/archive/1/464745/100/0/threaded 20071018 Official Windows binaries of "curl" contain vulnerable zlib 1.2.2 (CAN-2005-2096) http://www.securityfocus.com/archive/1/482505/100/0/threaded 20071018 Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) http://www.securityfocus.com/archive/1/482503/100/0/threaded 20071020 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) http://www.securityfocus.com/archive/1/482571/100/0/threaded 20071021 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) http://www.securityfocus.com/archive/1/482601/100/0/threaded 20071029 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) http://www.securityfocus.com/archive/1/482949/100/0/threaded 20071029 Windows binary of "Virtual Floppy Drive 2.1" contains vulnerable zlib (CAN-2005-2096) http://www.securityfocus.com/archive/1/482950/100/0/threaded 24788 http://secunia.com/advisories/24788 31492 http://secunia.com/advisories/31492 32706 http://secunia.com/advisories/32706 ADV-2005-0978 http://www.vupen.com/english/advisories/2005/0978 ADV-2006-0144 http://www.vupen.com/english/advisories/2006/0144 ADV-2007-1267 http://www.vupen.com/english/advisories/2007/1267 APPLE-SA-2005-08-15 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html APPLE-SA-2005-08-17 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html APPLE-SA-2008-11-13 http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html DSA-1026 http://www.debian.org/security/2006/dsa-1026 DSA-740 http://www.debian.org/security/2005/dsa-740 DSA-797 http://www.debian.org/security/2005/dsa-797 FLSA:162680 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680 FreeBSD-SA-05:16.zlib ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc GLSA-200507-05 http://security.gentoo.org/glsa/glsa-200507-05.xml GLSA-200509-18 http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml HPSBUX02090 http://www.securityfocus.com/archive/1/421411/100/0/threaded MDKSA-2005:112 http://www.mandriva.com/security/advisories?name=MDKSA-2005:112 MDKSA-2005:196 http://www.mandriva.com/security/advisories?name=MDKSA-2005:196 MDKSA-2006:070 http://www.mandriva.com/security/advisories?name=MDKSA-2006:070 RHSA-2005:569 http://www.redhat.com/support/errata/RHSA-2005-569.html RHSA-2008:0629 http://www.redhat.com/support/errata/RHSA-2008-0629.html SCOSA-2006.6 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt SSRT051058 USN-148-1 https://usn.ubuntu.com/148-1/ USN-151-3 http://www.ubuntulinux.org/usn/usn-151-3 VU#680620 http://www.kb.cert.org/vuls/id/680620 hpux-secure-shell-dos(24064) https://exchange.xforce.ibmcloud.com/vulnerabilities/24064 http://support.apple.com/kb/HT3298 http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391 oval:org.mitre.oval:def:11500 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500 oval:org.mitre.oval:def:1262 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262 oval:org.mitre.oval:def:1542 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.