13 matches found
Huawei EulerOS: Security Advisory for zziplib (EulerOS-SA-2018-1397)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for zziplib (EulerOS-SA-2019-2236)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : zziplib (EulerOS-SA-2018-1397)
According to the versions of the zziplib package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - zziplib: out of bound read in mmapped.c:zzipdiskfread causes crash.CVE-2018-7725 - zziplib: Bus error in zip.c:zzipparserootdirectory cause cras...
Scientific Linux Security Update : zziplib on SL7.x x86_64 (20181030)
Security Fixes : - zziplib: out of bound read in mmapped.c:zzipdiskfread causes crash CVE-2018-7725 - zziplib: Bus error in zip.c:zzipparserootdirectory cause crash via crafted zip file CVE-2018-7726 - zziplib: Memory leak in memdisk.c:zzipmemdisknew can lead to denial of service via crafted zip...
Oracle Linux 7 : zziplib (ELSA-2018-3229)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3229 advisory. - 'Variable 'file' going out of scope leaks the storage it points to.' has been introduced by the original version of 0001-fix-CVE-2018-7725.patch - Fi...
zziplib security update
0.13.62-9 - Fix covscan warning - 'Variable 'file' going out of scope leaks the storage it points to.' has been introduced by the original version of 0001-fix-CVE-2018-7725.patch - Related: 1558596 0.13.62-8 - Fix CVE-2018-7727 - Resolves: 1558891 0.13.62-7 - Fix CVE-2018-7726 - Resolves: 1558623...
Fedora Update for zziplib FEDORA-2018-45183aab17
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : zziplib (2018-45183aab17)
Update zziplib to fix all known CVEs in Fedora 27 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Ubuntu: Security Advisory (USN-3699-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : zziplib (openSUSE-2018-359)
This update for zziplib fixes the following issues : Security issues fixed : - CVE-2018-7726: There is a bus error caused by thezzipparserootdirectory function of zip.c. Attackers could leverage thisvulnerability to cause a denial of service bsc1084517. - CVE-2018-7725: An invalid memory address...
SUSE SLED12 Security Update : zziplib (SUSE-SU-2018:0919-1)
This update for zziplib fixes the following issues: Security issues fixed : - CVE-2018-7726: There is a bus error caused by thezzipparserootdirectory function of zip.c. Attackers could leverage thisvulnerability to cause a denial of service bsc1084517. - CVE-2018-7725: An invalid memory address...
SUSE-SU-2018:0919-1 Security update for zziplib
This update for zziplib fixes the following issues: Security issues fixed: - CVE-2018-7726: There is a bus error caused by thezzipparserootdirectory function of zip.c. Attackers could leverage thisvulnerability to cause a denial of service bsc1084517. - CVE-2018-7725: An invalid memory address...
CVE-2018-7725
The CVE-2018-7725 issue affects ZZIPlib up to version 0.13.68 and is an invalid memory address dereference in zzip_disk_fread (mmapped.c) that can crash an application and cause denial of service. Public reports describe an out-of-bounds read in mmapped.c and related crashes when the mem_disk fun...