CVE-2005-2096
published 2005-07-06CVE-2005-2096: zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of…
PriorityP430high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
5.48%
91.8th percentile
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
Affected
41 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| aide | aide | >= 0 < 0.10-6.1.1 | 0.10-6.1.1 |
| aide | aide | >= 0 < 0.10-6.1.1 | 0.10-6.1.1 |
| aide | aide | >= 0 < 0.10-6.1.1 | 0.10-6.1.1 |
| aide | aide | >= 0 < 0.10-6.1.1 | 0.10-6.1.1 |
| bacula | bacula | >= 0 < 1.36.3-2 | 1.36.3-2 |
| bacula | bacula | >= 0 < 1.36.3-2 | 1.36.3-2 |
| bacula | bacula | >= 0 < 1.36.3-2 | 1.36.3-2 |
| bacula | bacula | >= 0 < 1.36.3-2 | 1.36.3-2 |
| debian | aide | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | bacula | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | dar | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | dpkg | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | dpkg | >= 0 < 1.13.11 | 1.13.11 |
| debian | dpkg | >= 0 < 1.13.11 | 1.13.11 |
| debian | dpkg | >= 0 < 1.13.11 | 1.13.11 |
| debian | dpkg | >= 0 < 1.13.11 | 1.13.11 |
| debian | dump | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | libphysfs | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | mrtg | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | pvpgn | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | rpm | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | rsync | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | sash | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | texmacs | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
| debian | zlib | < aide 0.10-6.1.1 (bookworm) | aide 0.10-6.1.1 (bookworm) |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5LOW
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
rpm vulnerability
vendor_ubuntu·2005-11-09
CVE-2005-1849 rpm vulnerability
Title: rpm vulnerability
Summary: rpm vulnerability
USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could
be exploited to cause Denial of Service attacks or even arbitrary code
execution with malicious data streams.
Since lsb-rpm is statically linked against the zlib library, it is also
affected by these issues. The updated packagages have been rebuilt
against the fixed zlib.
Please note that lsb-rpm is not officially supported (it is in the "universe"
component of the archive).
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
zlib vulnerabilities
vendor_ubuntu·2005-10-29
CVE-2005-1849 zlib vulnerabilities
Title: zlib vulnerabilities
Summary: zlib vulnerabilities
USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could
be exploited to cause Denial of Service attacks or even arbitrary code
execution with malicious data streams.
Since aide is statically linked against the zlib library, it is also
affected by these issues. The updated packagages have been rebuilt
against the fixed zlib.
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
zlib vulnerabilities
vendor_ubuntu·2005-07-23
CVE-2005-1849 zlib vulnerabilities
Title: zlib vulnerabilities
Summary: zlib vulnerabilities
USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could
be exploited to cause Denial of Service attacks or even arbitrary code
execution with malicious data streams.
Most applications use the shared library provided by the "zlib1g"
package; however, some packages contain copies of the affected zlib
code, so they need to be upgraded as well.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
zlib DoS
vendor_redhat·2005-07-06·CVSS 7.5
CVE-2005-2096 [HIGH] zlib DoS
zlib DoS
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
Statement: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Ubuntu
zlib vulnerability
vendor_ubuntu·2005-07-06
CVE-2005-2096 zlib vulnerability
Title: zlib vulnerability
Summary: zlib vulnerability
Tavis Ormandy discovered that zlib did not properly verify data
streams. Decompressing certain invalid compressed files caused
corruption of internal data structures, which caused applications
which link to zlib to crash. Specially crafted input might even have
allowed arbitrary code execution.
zlib is used by hundreds of server and client applications, so this
vulnerability could be exploited to cause Denial of Service attacks to
almost all services provided by an Ubuntu system.
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2005-2096: aide - zlib 1.2 and later versions allows remote attackers to cause a denial of service...
vendor_debian·2005·CVSS 7.5
CVE-2005-2096 [HIGH] CVE-2005-2096: aide - zlib 1.2 and later versions allows remote attackers to cause a denial of service...
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
Scope: local
bookworm: resolved (fixed in 0.10-6.1.1)
bullseye: resolved (fixed in 0.10-6.1.1)
forky: resolved (fixed in 0.10-6.1.1)
sid: resolved (fixed in 0.10-6.1.1)
trixie: resolved (fixed in 0.10-6.1.1)
GHSA
GHSA-w2qv-rhm9-97p2: zlib 1
ghsa_unreviewed·2022-05-03
CVE-2005-2096 [HIGH] GHSA-w2qv-rhm9-97p2: zlib 1
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
OSV
CVE-2005-2096: zlib 1
osv·2005-07-06·CVSS 7.5
CVE-2005-2096 [HIGH] CVE-2005-2096: zlib 1
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
No detection rules found.
No public exploits indexed.
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.ascftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txthttp://lists.apple.com/archives/security-announce//2008/Nov/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2005//Aug/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2005/Aug/msg00000.htmlhttp://secunia.com/advisories/15949http://secunia.com/advisories/17054http://secunia.com/advisories/17225http://secunia.com/advisories/17236http://secunia.com/advisories/17326http://secunia.com/advisories/17516http://secunia.com/advisories/18377http://secunia.com/advisories/18406http://secunia.com/advisories/18507http://secunia.com/advisories/19550http://secunia.com/advisories/19597http://secunia.com/advisories/24788http://secunia.com/advisories/31492http://secunia.com/advisories/32706http://security.gentoo.org/glsa/glsa-200507-05.xmlhttp://securitytracker.com/id?1014398http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1http://support.apple.com/kb/HT3298http://support.avaya.com/elmodocs2/security/ASA-2006-016.htmhttp://www.debian.org/security/2005/dsa-740http://www.debian.org/security/2005/dsa-797http://www.debian.org/security/2006/dsa-1026http://www.gentoo.org/security/en/glsa/glsa-200509-18.xmlhttp://www.kb.cert.org/vuls/id/680620http://www.mandriva.com/security/advisories?name=MDKSA-2005:112http://www.mandriva.com/security/advisories?name=MDKSA-2005:196http://www.mandriva.com/security/advisories?name=MDKSA-2006:070http://www.redhat.com/support/errata/RHSA-2005-569.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0629.htmlhttp://www.securityfocus.com/archive/1/421411/100/0/threadedhttp://www.securityfocus.com/archive/1/464745/100/0/threadedhttp://www.securityfocus.com/archive/1/482503/100/0/threadedhttp://www.securityfocus.com/archive/1/482505/100/0/threadedhttp://www.securityfocus.com/archive/1/482571/100/0/threadedhttp://www.securityfocus.com/archive/1/482601/100/0/threadedhttp://www.securityfocus.com/archive/1/482949/100/0/threadedhttp://www.securityfocus.com/archive/1/482950/100/0/threadedhttp://www.securityfocus.com/bid/14162http://www.ubuntulinux.org/usn/usn-151-3http://www.vmware.com/support/vi3/doc/esx-3616065-patch.htmlhttp://www.vmware.com/support/vi3/doc/esx-9916286-patch.htmlhttp://www.vupen.com/english/advisories/2005/0978http://www.vupen.com/english/advisories/2006/0144http://www.vupen.com/english/advisories/2007/1267https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680https://exchange.xforce.ibmcloud.com/vulnerabilities/24064https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542https://usn.ubuntu.com/148-1/ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.ascftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txthttp://lists.apple.com/archives/security-announce//2008/Nov/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2005//Aug/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2005/Aug/msg00000.htmlhttp://secunia.com/advisories/15949http://secunia.com/advisories/17054http://secunia.com/advisories/17225http://secunia.com/advisories/17236http://secunia.com/advisories/17326http://secunia.com/advisories/17516http://secunia.com/advisories/18377http://secunia.com/advisories/18406http://secunia.com/advisories/18507http://secunia.com/advisories/19550http://secunia.com/advisories/19597http://secunia.com/advisories/24788http://secunia.com/advisories/31492http://secunia.com/advisories/32706http://security.gentoo.org/glsa/glsa-200507-05.xmlhttp://securitytracker.com/id?1014398http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1http://support.apple.com/kb/HT3298http://support.avaya.com/elmodocs2/security/ASA-2006-016.htmhttp://www.debian.org/security/2005/dsa-740http://www.debian.org/security/2005/dsa-797http://www.debian.org/security/2006/dsa-1026http://www.gentoo.org/security/en/glsa/glsa-200509-18.xmlhttp://www.kb.cert.org/vuls/id/680620http://www.mandriva.com/security/advisories?name=MDKSA-2005:112http://www.mandriva.com/security/advisories?name=MDKSA-2005:196http://www.mandriva.com/security/advisories?name=MDKSA-2006:070http://www.redhat.com/support/errata/RHSA-2005-569.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0629.htmlhttp://www.securityfocus.com/archive/1/421411/100/0/threadedhttp://www.securityfocus.com/archive/1/464745/100/0/threadedhttp://www.securityfocus.com/archive/1/482503/100/0/threadedhttp://www.securityfocus.com/archive/1/482505/100/0/threadedhttp://www.securityfocus.com/archive/1/482571/100/0/threadedhttp://www.securityfocus.com/archive/1/482601/100/0/threadedhttp://www.securityfocus.com/archive/1/482949/100/0/threadedhttp://www.securityfocus.com/archive/1/482950/100/0/threadedhttp://www.securityfocus.com/bid/14162http://www.ubuntulinux.org/usn/usn-151-3
+ 12 more references
2005-07-06
Published