
Thread: zlib vulnerability; affects PPP Code in Linux Kernel

  1. #1
    Senior Member
    Join Date
    Aug 2001
    Posts
    409

    zlib vulnerability; affects PPP Code in Linux Kernel

    From LinuxSecurity.com

    Significant Vulnerability Afflicts Linux Systems
    By LinuxSecurity
    Posted By: Dave Wreski
    3/11/2002 13:12

    Today, in a coordinated effort between all major Linux vendors, a vulnerability in the zlib library was announced, potentially affecting every installed Linux system in existence.
    The vulnerability is rooted in the free() function and how it is used. Quoting from the EnGarde Secure Linux advisory, "The zlib shared library may attempt to free() a memory region more than once, potentially yielding a system exploitable by certain programs that use it for decompression. Because certain packages include their own zlib implementation or statically link against the system zlib, several packages need to be updated to properly fix this bug."

    This vulnerability will also affect some vendors shipping implementations of the open source library within their binary applications.

    Packages including X11, rsync, the Linux kernel, QT, mozilla, gcc, vnc, and many other programs that have the ability to use network compression are potentially vulnerable.

    The reason this particular vulnerability is so significant is because many programs implement their own particular version of the zlib library, statically linked with their code, and therefore inheriting the potential for exploit.

    No known exploit is available for this vulnerability at this time, but the implications of this vulnerability are significant, and have the potential for remote compromise leading to root privileges on the server.

    As vendors post their advisories, LinuxSecurity will continue to update this page and our site, directing the Linux and open source security communities to the authoritative information from their Linux vendor.


    Resources
    Common Vulnerabilities and Exposures entry for this vulnerability http://cve.mitre.org/cgi-bin/cvename...=CAN-2002-0059

    EnGarde Secure Linux Advisory http://www.linuxsecurity.com/advisor...sory-1960.html

    Thanks to Ryan W. Maple for assistance with this report. This page will be updated continually, as vendors file their vulnerability reports.

    NewsForge is also covering this story.

  2. #2
    s0nIc (Fastest Thing Alive)
    Join Date
    Sep 2001
    Location
    Sydney
    Posts
    1,584

    Other apps/services which contain the old code include:

    gcc 3.0
    gpg
    rsync
    cvs
    rrdtool
    freeamp
    Netscape (fix in the works)
    ssh
    vnc
    XFree86

    The latest update about this so far is here: http://www.theregister.co.uk/content/5/24387.html
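
An added example, not part of the thread or the LinuxSecurity article: updating the shared library does not fix statically linked or bundled zlib copies, so a defender has to locate them. This Python scanner looks for the version banner that zlib compiles into its deflate and inflate code; the function names, sample bytes and version numbers are constructed for illustration, and the fixed version must be taken from the vendor advisory.

```python
import re
import sys
from pathlib import Path

# zlib compiles a banner such as "deflate <version> Copyright ..." into its
# deflate and inflate code, so the string survives static linking.
BANNER = re.compile(rb"(?:deflate|inflate) (\d+(?:\.\d+){1,3}) Copyright")

def parse_version(text):
    return tuple(int(part) for part in text.split("."))

def embedded_zlib_versions(data):
    """Return the distinct zlib versions whose banner appears in a byte blob."""
    found = {m.group(1).decode() for m in BANNER.finditer(data)}
    return sorted(found, key=parse_version)

def needs_update(data, fixed_version):
    """True if any embedded copy is older than fixed_version.

    fixed_version is an input taken from the vendor advisory (assumption:
    the vendor did not backport the fix without changing the banner).
    """
    fixed = parse_version(fixed_version)
    return any(parse_version(v) < fixed for v in embedded_zlib_versions(data))

def scan_tree(root, fixed_version):
    """Yield (path, versions) for files under root embedding an older zlib."""
    for path in Path(root).rglob("*"):
        try:
            if path.is_symlink() or not path.is_file():
                continue
            data = path.read_bytes()
        except OSError:
            continue  # unreadable file: skip rather than abort the scan
        if needs_update(data, fixed_version):
            yield str(path), embedded_zlib_versions(data)

# Constructed samples (placeholder version numbers, not real release data).
SAMPLE_STATIC = b"\x7fELF\x00 deflate 0.0.1 Copyright sample \x00 inflate 0.0.1 Copyright sample \x00"
SAMPLE_CLEAN = b"\x7fELF\x00no compression code here\x00"

if __name__ == "__main__":
    for path, versions in scan_tree(sys.argv[1], sys.argv[2]):
        print(f"{path}: embedded zlib {', '.join(versions)}")
```

A hit is a candidate for review, not proof: a copy with the banner stripped is missed, and a patched copy that kept its old banner is flagged.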
