3710 matches found
CVE-2002-2097
The compression code in MaraDNS before 0.9.01 allows remote attackers to cause a denial of service via crafted DNS packets...
CVE-2005-2384
Directory traversal vulnerability in a third-party compression library UNACEV2.DLL, as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with 1 .. or 2 absolute pathnames...
CVE-2005-2384
Directory traversal vulnerability in a third-party compression library UNACEV2.DLL, as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with 1 .. or 2 absolute pathnames...
CVE-2005-2385
Buffer overflow in a third-party compression library UNACEV2.DLL, as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long filename...
zlib security update
CentOS Errata and Security Advisory CESA-2005:584 Updated zlib packages that fix a buffer overflow are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Zlib is a general-purpose lossless data...
Debian DSA-763-1 : zlib - remote DoS
Markus Oberhumer discovered a flaw in the way zlib, a library used for file compression and decompression, handles invalid input. This flaw can cause programs which use zlib to crash when opening an invalid file. This problem does not affect the old stable distribution woody. %NASLMINLEVEL 70300 ...
DSA-763-1 zlib - buffer overflow
Bulletin has no description...
[SECURITY] [DSA 752-1] New gzip packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 752-1 [email protected] http://www.debian.org/security/ Martin Schulze July 11th, 2005 http://www.debian.org/security/faq -...
DSA-752-1 gzip - several
Bulletin has no description...
zlib inflate() routine vulnerable to buffer overflow
Overview A buffer overflow in the zlib compression library may cause any application linked to zlib to improperly and immediately terminate. Description There is a buffer overflow in the zlib data-compression library caused by a lack of bounds checking in the inflate routine. If an attacker...
zlib: Buffer overflow
Background zlib is a widely used free and patent unencumbered data compression library. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a buffer overflow in zlib. A bounds checking operation failed to take invalid data into account, allowing a specifically malformed...
FreeBSD-SA-05:16.zlib
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:16.zlib Security Advisory The FreeBSD Project Topic: Buffer overflow in zlib Category: core Module: libz Announced: 2005-07-06 Credits: Tavis Ormandy Affects:...
Debian DSA-740-1 : zlib - remote denial of service
An error in the way zlib handles the inflation of certain compressed files can cause a program which uses zlib to crash when opening an invalid file. This problem does not affect the old stable distribution woody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packa...
FreeBSD-SA-05:14.bzip2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:14.bzip2 Security Advisory The FreeBSD Project Topic: bzip2 denial of service and permission race vulnerabilities Category: contrib Module: contribbzip2...
ClamAV antivirus Qantum compression DoS
Compression with small windows size causes anti virus to crash...
gzip security update
CentOS Errata and Security Advisory CESA-2005:357 An updated gzip package is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The gzip package contains the GNU gzip data compression program. A bug was found in the way zgrep processes...
FreeBSD-SA-05:11.gzip
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:11.gzip Security Advisory The FreeBSD Project Topic: gzip directory traversal and permission race vulnerabilities Category: contrib Module: gzip Announced:...
gzip: Multiple vulnerabilities
Background gzip GNU zip is a popular compression program. The included zgrep utility allows you to grep gzipped files in place. Description The gzip and gunzip programs are vulnerable to a race condition when setting file permissions CAN-2005-0988, as well as improper handling of filename...
CVE-2005-0851
CVE-2005-0851 affects the FileZilla FTP Server up to version 0.9.6. When using MODE Z (zlib compression), it can trigger a denial-of-service via certain file uploads or directory listings, causing an infinite loop. The vulnerability is associated with a NETWORK attack vector, with low complexity ...
DEBIAN-CVE-2004-1010
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname...