English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.54423
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-151-2 (amd64-libs)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to amd64-libs
announced via advisory USN-151-2.

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

amd64-libs
amd64-libs-dev
dpkg
dpkg-dev
dselect
ia32-libs
ia32-libs-dev

USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could
be exploited to cause Denial of Service attacks or even arbitrary code
execution with malicious data streams.

Most applications use the shared library provided by the zlib1g
package
however, some packages contain copies of the affected zlib
code, so they need to be upgraded as well.

Solution:
On Ubuntu 4.10, the problem can be corrected by upgrading the affected
package to version 0.5ubuntu2.1 (ia32-libs and ia32-libs-dev),
1.0ubuntu3.1 (amd64-libs and amd64-libs-dev), and 1.10.22ubuntu2.1
(dpkg, dpkg-dev, dpkg-doc and dselect).

On Ubuntu 5.04, the problem can be corrected by upgrading the affected
package to version 0.5ubuntu3.1 (ia32-libs and ia32-libs-dev),
1.1ubuntu0.1 (amd64-libs and amd64-libs-dev), and 1.10.27ubuntu1.1
(dpkg, dpkg-dev, dpkg-doc and dselect).

In general, a standard system upgrade is sufficient to effect the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-151-2

Risk factor : High

CVSS Score:
7.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-1849
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
BugTraq ID: 14340
http://www.securityfocus.com/bid/14340
Bugtraq: 20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates (Google Search)
http://www.securityfocus.com/archive/1/464745/100/0/threaded
Debian Security Information: DSA-1026 (Google Search)
http://www.debian.org/security/2006/dsa-1026
Debian Security Information: DSA-763 (Google Search)
http://www.debian.org/security/2005/dsa-763
Debian Security Information: DSA-797 (Google Search)
http://www.debian.org/security/2005/dsa-797
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680
http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml
http://www.gentoo.org/security/en/glsa/glsa-200603-18.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:196
http://www.mandriva.com/security/advisories?name=MDKSA-2006:070
http://security.debian.org/pool/updates/main/z/zlib/zlib_1.2.2-4.sarge.2.diff.gz
http://www.osvdb.org/18141
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11402
http://www.redhat.com/support/errata/RHSA-2005-584.html
http://www.redhat.com/support/errata/RHSA-2008-0629.html
SCO Security Bulletin: SCOSA-2006.6
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt
http://securitytracker.com/id?1014540
http://secunia.com/advisories/16137
http://secunia.com/advisories/17326
http://secunia.com/advisories/17516
http://secunia.com/advisories/18377
http://secunia.com/advisories/19334
http://secunia.com/advisories/19550
http://secunia.com/advisories/19597
http://secunia.com/advisories/24788
http://secunia.com/advisories/31492
SuSE Security Announcement: SUSE-SA:2005:043 (Google Search)
http://www.novell.com/linux/security/advisories/2005_43_zlib.html
http://www.ubuntulinux.org/usn/usn-151-3
http://www.vupen.com/english/advisories/2007/1267
XForce ISS Database: zlib-codetable-dos(21456)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21456
Common Vulnerability Exposure (CVE) ID: CVE-2005-2096
1014398
http://securitytracker.com/id?1014398
101989
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1
14162
http://www.securityfocus.com/bid/14162
15949
http://secunia.com/advisories/15949
17054
http://secunia.com/advisories/17054
17225
http://secunia.com/advisories/17225
17236
http://secunia.com/advisories/17236
17326
17516
18377
18406
http://secunia.com/advisories/18406
18507
http://secunia.com/advisories/18507
19550
19597
20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates
20071018 Official Windows binaries of "curl" contain vulnerable zlib 1.2.2 (CAN-2005-2096)
http://www.securityfocus.com/archive/1/482505/100/0/threaded
20071018 Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)
http://www.securityfocus.com/archive/1/482503/100/0/threaded
20071020 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)
http://www.securityfocus.com/archive/1/482571/100/0/threaded
20071021 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)
http://www.securityfocus.com/archive/1/482601/100/0/threaded
20071029 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)
http://www.securityfocus.com/archive/1/482949/100/0/threaded
20071029 Windows binary of "Virtual Floppy Drive 2.1" contains vulnerable zlib (CAN-2005-2096)
http://www.securityfocus.com/archive/1/482950/100/0/threaded
24788
31492
32706
http://secunia.com/advisories/32706
ADV-2005-0978
http://www.vupen.com/english/advisories/2005/0978
ADV-2006-0144
http://www.vupen.com/english/advisories/2006/0144
ADV-2007-1267
APPLE-SA-2005-08-15
APPLE-SA-2005-08-17
APPLE-SA-2008-11-13
http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
DSA-1026
DSA-740
http://www.debian.org/security/2005/dsa-740
DSA-797
FLSA:162680
FreeBSD-SA-05:16.zlib
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc
GLSA-200507-05
http://security.gentoo.org/glsa/glsa-200507-05.xml
GLSA-200509-18
HPSBUX02090
http://www.securityfocus.com/archive/1/421411/100/0/threaded
MDKSA-2005:112
http://www.mandriva.com/security/advisories?name=MDKSA-2005:112
MDKSA-2005:196
MDKSA-2006:070
RHSA-2005:569
http://www.redhat.com/support/errata/RHSA-2005-569.html
RHSA-2008:0629
SCOSA-2006.6
SSRT051058
USN-148-1
https://usn.ubuntu.com/148-1/
USN-151-3
VU#680620
http://www.kb.cert.org/vuls/id/680620
hpux-secure-shell-dos(24064)
https://exchange.xforce.ibmcloud.com/vulnerabilities/24064
http://support.apple.com/kb/HT3298
http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm
http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html
http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391
oval:org.mitre.oval:def:11500
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500
oval:org.mitre.oval:def:1262
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262
oval:org.mitre.oval:def:1542
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.