6 matches found
[SECURITY] [DLA 955-1] rzip security update
Package : rzip Version : 2.1-1+deb7u1 CVE ID : CVE-2017-8364 Debian Bug : 861614 Agostino Sarubbo of Gentoo discovered a heap buffer overflow write in the rzip program when uncompressing maliciously crafted files. For Debian 7 "Wheezy", these problems have been fixed in version 2.1-1+deb7u1. We...
openSUSE Security Update : rzip (openSUSE-2017-571)
This update for rzip fixes the following issues : - CVE-2017-8364: heap-based buffer overflow in readbuf function via crafted archive file could lead to crash boo1036941 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
CVE-2017-8364
The readbuf function in stream.c in rzip 2.1 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted archive...
CVE-2017-8364
The readbuf function in stream.c in rzip 2.1 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted archive...
CVE-2017-8364
The readbuf function in stream.c in rzip 2.1 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted archive...
CVE-2017-8364
The CVE-2017-8364 entry concerns rzip 2.1. The read_buf function in stream.c is vulnerable to a heap-based buffer overflow when processing specially crafted archives, which can cause a denial of service (and possibly other impact) on affected systems. Connected advisories (Debian DLA-2189/955, op...