Lucene search

K
ubuntuUbuntuUSN-590-1
HistoryMar 24, 2008 - 12:00 a.m.

bzip2 vulnerability

2008-03-2400:00:00
ubuntu.com
43

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.097 Low

EPSS

Percentile

94.8%

Releases

  • Ubuntu 7.10
  • Ubuntu 7.04
  • Ubuntu 6.10
  • Ubuntu 6.06

Packages

  • bzip2 -

Details

It was discovered that bzip2 did not correctly handle certain malformed
archives. If a user or automated system were tricked into processing
a specially crafted bzip2 archive, applications linked against libbz2
could be made to crash, possibly leading to a denial of service.

OSVersionArchitecturePackageVersionFilename
Ubuntu7.10noarchlibbz2-1.0< 1.0.4-0ubuntu2.1UNKNOWN
Ubuntu7.10noarchbzip2< 1.0.4-0ubuntu2.1UNKNOWN
Ubuntu7.10noarchlib32bz2-1.0< 1.0.4-0ubuntu2.1UNKNOWN
Ubuntu7.10noarchlib32bz2-dev< 1.0.4-0ubuntu2.1UNKNOWN
Ubuntu7.10noarchlibbz2-dev< 1.0.4-0ubuntu2.1UNKNOWN
Ubuntu7.04noarchlibbz2-1.0< 1.0.3-6ubuntu0.1UNKNOWN
Ubuntu7.04noarchbzip2< 1.0.3-6ubuntu0.1UNKNOWN
Ubuntu7.04noarchlib32bz2-1.0< 1.0.3-6ubuntu0.1UNKNOWN
Ubuntu7.04noarchlib32bz2-dev< 1.0.3-6ubuntu0.1UNKNOWN
Ubuntu7.04noarchlibbz2-dev< 1.0.3-6ubuntu0.1UNKNOWN
Rows per page:
1-10 of 201

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.097 Low

EPSS

Percentile

94.8%