Test ID:	1.3.6.1.4.1.25623.1.0.54440
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Security Advisory (FreeBSD-SA-05:18.zlib.asc)
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-05:18.zlib.asc
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:18.zlib.asc Vulnerability Insight: zlib is a compression library used by numerous applications to provide data compression/decompression routines. A fixed-size buffer is used in the decompression of data streams. Due to erroneous analysis performed when zlib was written, this buffer, which was believed to be sufficiently large to handle any possible input stream, is in fact too small. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1849 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html BugTraq ID: 14340 http://www.securityfocus.com/bid/14340 Bugtraq: 20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates (Google Search) http://www.securityfocus.com/archive/1/464745/100/0/threaded Debian Security Information: DSA-1026 (Google Search) http://www.debian.org/security/2006/dsa-1026 Debian Security Information: DSA-763 (Google Search) http://www.debian.org/security/2005/dsa-763 Debian Security Information: DSA-797 (Google Search) http://www.debian.org/security/2005/dsa-797 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680 http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml http://www.gentoo.org/security/en/glsa/glsa-200603-18.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:196 http://www.mandriva.com/security/advisories?name=MDKSA-2006:070 http://security.debian.org/pool/updates/main/z/zlib/zlib_1.2.2-4.sarge.2.diff.gz http://www.osvdb.org/18141 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11402 http://www.redhat.com/support/errata/RHSA-2005-584.html http://www.redhat.com/support/errata/RHSA-2008-0629.html SCO Security Bulletin: SCOSA-2006.6 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt http://securitytracker.com/id?1014540 http://secunia.com/advisories/16137 http://secunia.com/advisories/17326 http://secunia.com/advisories/17516 http://secunia.com/advisories/18377 http://secunia.com/advisories/19334 http://secunia.com/advisories/19550 http://secunia.com/advisories/19597 http://secunia.com/advisories/24788 http://secunia.com/advisories/31492 SuSE Security Announcement: SUSE-SA:2005:043 (Google Search) http://www.novell.com/linux/security/advisories/2005_43_zlib.html http://www.ubuntulinux.org/usn/usn-151-3 http://www.vupen.com/english/advisories/2007/1267 XForce ISS Database: zlib-codetable-dos(21456) https://exchange.xforce.ibmcloud.com/vulnerabilities/21456
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.