Debian DSA-740-1 : zlib - remote denial of service

An error in the way zlib handles the inflation of certain compressed files can cause a program which uses zlib to crash when opening an invalid file. This problem does not affect the old stable distribution woody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packa...

FreeBSD-SA-05:16.zlib

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:16.zlib Security Advisory The FreeBSD Project Topic: Buffer overflow in zlib Category: core Module: libz Announced: 2005-07-06 Credits: Tavis Ormandy Affects:...

FreeBSD-SA-05:14.bzip2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:14.bzip2 Security Advisory The FreeBSD Project Topic: bzip2 denial of service and permission race vulnerabilities Category: contrib Module: contribbzip2...

ClamAV antivirus Qantum compression DoS

Compression with small windows size causes anti virus to crash...

gzip security update

CentOS Errata and Security Advisory CESA-2005:357 An updated gzip package is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The gzip package contains the GNU gzip data compression program. A bug was found in the way zgrep processes...

FreeBSD-SA-05:11.gzip

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:11.gzip Security Advisory The FreeBSD Project Topic: gzip directory traversal and permission race vulnerabilities Category: contrib Module: gzip Announced:...

gzip: Multiple vulnerabilities

Background gzip GNU zip is a popular compression program. The included zgrep utility allows you to grep gzipped files in place. Description The gzip and gunzip programs are vulnerable to a race condition when setting file permissions CAN-2005-0988, as well as improper handling of filename...

CVE-2005-0851

CVE-2005-0851 affects the FileZilla FTP Server up to version 0.9.6. When using MODE Z (zlib compression), it can trigger a denial-of-service via certain file uploads or directory listings, causing an infinite loop. The vulnerability is associated with a NETWORK attack vector, with low complexity ...

DEBIAN-CVE-2004-1010

Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname...

[Full-Disclosure] WinHKI - BH File Directory Transversal

Application: WinHKI Vendors: http://www.webtoolmaster.com Versions: 1.4d Platforms: Windows Bug: BH File Directory Transversal Exploitation: Local extract file Date: 24 Dec 2004 Author: Rafel Ivgi, The-Insider E-Mail: [email protected] Website: http://theinsider.deep-ice.com 1 Introduction 2 Bu...

security flaw

Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname...

CVE-2004-0797

The error handling in the 1 inflate and 2 inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service application crash...

CVE-2004-0797

The error handling in the 1 inflate and 2 inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service application crash...

CVE-2004-0797

The error handling in the 1 inflate and 2 inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service application crash...

The zlib compression library is vulnerable to a denial-of-service condition

Overview Un-handled error conditions in the zlib compression library may allow an attacker to cause a denial-of-service condition. Description There is a vulnerability in the error handling mechanisms of the decompression functions in the zlib compression library. The decompression functions...

CVE-2004-0797

The error handling in the 1 inflate and 2 inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service application crash...

CVE-2004-0797

The error handling in the 1 inflate and 2 inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service application crash...

SUSE-SA:2004:029: zlib

The remote host is missing the patch for the advisory SUSE-SA:2004:029 zlib. zlib is a widely used data compression library. Programs linked against it include most desktop applications as well as servers such as Apache and OpenSSH. The 'inflate' function of zlib handles certain input data...

DEBIAN-CVE-2004-0548

Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the 1 "c" compress option or 2 "d" decompress option...

RHEL 2.1 : zlib (RHSA-2003:081)

Updated zlib packages that fix a buffer overflow vulnerability are now available. Zlib is a general-purpose, patent-free, lossless data compression library that is used by many different programs. The function gzprintf within zlib, when called with a string longer than ZPRINTFBUFZISE = 4096 bytes...