CVE-2004-0548

Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the 1 "c" compress option or 2 "d" decompress option...

Man Utility 2.3.19 - Local Compression Program Privilege Escalation

Man Utility 2.3.19 - Local Compression Program Privilege Escalation source: https://www.securityfocus.com/bid/8675/info A vulnerability has been reported in man that may allow an attacker to gain elevated privileges. The problem lies in man failing to carry out sufficient sanity checks before...

Man Utility 2.3.19 - Local Compression Program Privilege Escalation

source: https://www.securityfocus.com/bid/8675/info A vulnerability has been reported in man that may allow an attacker to gain elevated privileges. The problem lies in man failing to carry out sufficient sanity checks before executing a user-defined compression program. As a result, it may be...

zlib "gzprintf()" function vulnerable to buffer overflow

Overview A buffer overflow exists in one of the functions included with the zlib compression library. This vulnerability may allow a remote attacker to execute arbitrary code or cause a denial of service. An exploit for this vulnerability is publicly available. Description The zlib website...

Moderate: Red Hat Security Advisory: zlib security update

Updated zlib packages that fix a buffer overflow vulnerability are now available. Zlib is a general-purpose, patent-free, lossless data compression library that is used by many different programs. The function gzprintf within zlib, when called with a string longer than ZPRINTFBUFZISE = 4096 bytes...

Zlib 1.1.4 - Compression Library gzprintf() Buffer Overrun (1)

Zlib 1.1.4 - Compression Library gzprintf Buffer Overrun 1 // source: https://www.securityfocus.com/bid/6913/info A buffer-overrun vulnerability has been reported in the Zlib compression library. Due to the use of 'vsprintf' by an internal Zlib function, an attacker can cause memory to become...

DEBIAN-CVE-2002-2097

The compression code in MaraDNS before 0.9.01 allows remote attackers to cause a denial of service via crafted DNS packets...

Security Advisory: Vulnerability in zlib library

Cisco Security Advisory: Vulnerability in the zlib Compression Library Revision 1.0 For Public Release 2002 April 03 16:00 UTC +0000 - --------------------------------------------------------------------------- Contents Summary Affected Products Details Impact Software Versions and Fixes Obtainin...

Vulnerability in the zlib Compression Library

...

FreeBSD-SA-02:18.zlib

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:18 Security Advisory FreeBSD, Inc. Topic: zlib double-free Category: core, ports Module: zlib Announced: 2002-03-18 Revised: 2002-04-22 Credits: Matthias Clasen Owen...

CVE-2002-0059

The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once a "double free", which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data...

Advisory CA-2002-07 Double Free Bug in zlib Compression Library

CERT Advisory CA-2002-07 Double Free Bug in zlib Compression Library Original release date: March 12, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Any software that is linked to zlib 1.1.3 or earlier may be affected Data...

security problem fixed in zlib 1.1.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Zlib Advisory 2002-03-11 zlib Compression Library Corrupts malloc Data Structures via Double Free Original release date: March 11, 2002 Last revised: March 11, 2002 Source: This advisory is based on a CERT advisory written by Jeffrey P. Lanza. See...

zlib: Double free in inflateEnd

The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once a "double free", which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data...

Double Free Bug in zlib Compression Library Corrupts malloc's Internal Data Structures

Overview There is a bug in the zlib compression library that may manifest itself as a vulnerability in programs that are linked with zlib. This may allow an attacker to conduct a denial-of-service attack, gather information, or execute arbitrary code. It is important to note that the CERT/CC has...

DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries

Overview Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Description RFC1035 DOMAIN NAMES, IMPLEMENTATION AND SPECIFICATION defines a mechanism for conserving bytes in a DNS query or reply packet by avoiding repetition of character strings "labels"...

Security Bulletin MS01-019

---------------------------------------------------------------------- Title: Passwords for Compressed Folders are Recoverable Date: 28 March 2001 Software: Plus! 98 and Windows Me Impact: Data compression passwords can be recovered. Bulletin: MS01-019 Microsoft encourages customers to review the...

Linux news 11.05.00

nmap 2.53 Вышла новая версия утилиты, предназначенной для сканирования сетей и отдельных хостов - nmap. Подробнее: http://www.appwatch.com/Linux/Library/81/view.html Red Hat создала инвестиционное подразделение для финансирования молодых компаний Компания Red Hat объявила о создании нового...

Update rollup for the Single Instance Storage (SIS) component

None None...