This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
APP:ZLIB-COMPRES-LIB-DOS-1
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
APP
|
Keywords |
Zlib Compression Library Denial Of Service (1)
|
Release Date |
2012/11/30
|
Update Number |
2207
|
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
APP: Zlib Compression Library Denial Of Service (1)
This signature detects attempts to exploit a known vulnerability against Zlib Compression Library. A successful attack can result in a denial-of-service condition.
Extended Description
The Zlib compression library is reportedly susceptible to a denial of service vulnerability. This vulnerability is caused by a failure of the application to properly handle malformed input during the decompression process.
This vulnerability is reported to exist in version 1.2.1 of the library. Other versions are also likely affected.
Affected Products
- Avaya intuity_r5 R5.1.46
- Cvs cvs 1.12.12
- Filezilla filezilla_server 0.7.0
- Filezilla filezilla_server 0.7.1
- Libpng libpng 1.0.16
- Libpng libpng3 1.2.6
- Macsftp macsftp 1.0.6
- Macssh macssh 2.1.0 fc3
- Mandriva linux_mandrake 10.0.0
- Mandriva linux_mandrake 10.0.0 amd64
- Openbsd openbsd 3.5
- Openbsd openbsd -Current
- Openpkg openpkg 2.0.0
- Openpkg openpkg 2.1.0
- Openpkg openpkg 2.2.0
- Openpkg openpkg 2.3.0
- Openpkg openpkg Current
- Red_hat fedora Core2
- Sco open_server 5.0.6
- Sco open_server 5.0.6 a
- Sco open_server 5.0.7
- Sco open_server 6.0.0
- Sco unixware 7.0.0
- Sco unixware 7.0.1
- Sco unixware 7.1.0
- Sco unixware 7.1.1
- Sco unixware 7.1.2
- Sco unixware 7.1.3
- Sco unixware 7.1.3 up
- Sco unixware 7.1.4
- Suse linux_personal 9.1.0
- Suse suse_linux_enterprise_server 9
- Trustix secure_enterprise_linux 2.0.0
- Trustix secure_linux 2.2.0
- Trustix secure_linux 3.0.0
- Zlib zlib 1.2.0 .0.7
- Zlib zlib 1.2.1
References