Description: | Description:
The remote host is missing an update to zlib announced via advisory USN-151-1.
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog)
The following packages are affected: zlib1g
USN-148-1 fixed an improver input verification of zlib (CVE-2005-2096). Markus Oberhumer discovered additional ways a disrupted stream could trigger a buffer overflow and crash the application using zlib, so another update is necessary.
zlib is used by hundreds of server and client applications, so this vulnerability could be exploited to cause Denial of Service attacks to almost all services provided by an Ubuntu system.
Solution: The problem can be corrected by upgrading the affected package to version 1:1.2.1.1-3ubuntu1.2 (for Ubuntu 4.10), or 1:1.2.2-4ubuntu1.2 (for Ubuntu 5.04).
A standard system upgrade is NOT SUFFICIENT to effect the necessary changes! If you can afford to reboot your machine, this is the easiest way to ensure that all services using this library are restarted correctly. If not, please manually restart all server applications.
http://www.securityspace.com/smysecure/catid.html?in=USN-151-1
Risk factor : High
CVSS Score: 7.5
|