Zlib Compression Library Buffer Overflow Vulnerability

Bugtraq ID: 14162
Class: Boundary Condition Error
CVE: CVE-2005-2096
Remote: Yes
Local: No
Published: Jul 06 2005 12:00AM
Updated: Nov 13 2008 11:14PM
Credit: Tavis Ormandy of the Gentoo Linux Security Audit Team is credited with the discovery of this vulnerability.
Vulnerable: zsync zsync 0.4
zsync zsync 0.3.3
zsync zsync 0.3.2
zsync zsync 0.3.1
zsync zsync 0.3
zsync zsync 0.2.3
zsync zsync 0.2.2
zsync zsync 0.2.1
zsync zsync 0.2
zsync zsync 0.1.6
zsync zsync 0.1.5
zsync zsync 0.1.4
zsync zsync 0.1.3
zsync zsync 0.1.2
zsync zsync 0.1.1
zsync zsync 0.1
zsync zsync 0.0.6
zsync zsync 0.0.5
zsync zsync 0.0.4
zsync zsync 0.0.3
zsync zsync 0.0.2
zsync zsync 0.0.1
zlib zlib 1.2.2
zlib zlib 1.2.1
zlib zlib 1.2 .0.7
zlib zlib 1.1.4
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ GLT GLT 0.6
+ NetBSD NetBSD 1.6
+ NetBSD NetBSD 1.5.3
+ NetBSD NetBSD 1.5.2
+ NetBSD NetBSD 1.5.1
+ NetBSD NetBSD 1.5
- NullSoft Winamp 2.79
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG 1.1
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux Advanced Work Station 2.1
+ Sun Cobalt Qube 3
+ Sun Cobalt Qube3 4000WG
+ Sun Cobalt Qube3 Japanese 4000WGJ
+ Sun Cobalt Qube3 Japanese w/ Caching and RAID 4100WGJ
+ Sun Cobalt Qube3 Japanese w/Caching 4010WGJ
+ Sun Cobalt Qube3 w/ Caching and RAID 4100WG
+ Sun Cobalt Qube3 w/Caching 4010WG
+ Sun Cobalt RaQ 4
+ Sun Cobalt RaQ XTR
+ Sun Cobalt RaQ XTR 3500R
+ Sun Cobalt RaQ XTR Japanese 3500R-ja
+ Sun Cobalt RaQ4 3001R
+ Sun Cobalt RaQ4 Japanese RAID 3100R-ja
+ Sun Cobalt RaQ4 RAID 3100R
+ Sun Linux 5.0
zlib zlib 1.1.3
zlib zlib 1.1.2
zlib zlib 1.1.1
zlib zlib 1.1
zlib zlib 1.0.9
zlib zlib 1.0.8
zlib zlib 1.0.7
zlib zlib 1.0.6
zlib zlib 1.0.5
zlib zlib 1.0.4
- XFree86 X11R6 3.3.6
- XFree86 X11R6 3.3.5
- XFree86 X11R6 3.3.4
- XFree86 X11R6 3.3.3
- XFree86 X11R6 3.3.2
- XFree86 X11R6 3.3
zlib zlib 1.0.3
zlib zlib 1.0.2
zlib zlib 1.0.1
zlib zlib 1.0
VMWare ESX Server 3.0.1
VMWare ESX Server 3.0
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
Trolltech Qt 3.3.4
Trolltech Qt 3.3.3
Trolltech Qt 3.3.2
Trolltech Qt 3.3.1
Trolltech Qt 3.3 .0
Trolltech Qt 3.2.3
Trolltech Qt 3.2.1
Trolltech Qt 3.1.2
Trolltech Qt 3.1.1
Trolltech Qt 3.1
Trolltech Qt 3.0.5
Trolltech Qt 3.0.3
Trolltech Qt 3.0
Trolltech Qt 2.3.1
Sun Solaris 9_x86 Update 2
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 10.0_x86
Sun Solaris 10
Sun Java Enterprise System 2005Q1
Sun Java Enterprise System 2004Q2
Sun Java Enterprise System 2003Q4
+ Sun Solaris 9
+ Sun Solaris 8_x86
+ Sun Solaris 8_sparc
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux -current
SCO Unixware 7.1.4
SCO Unixware 7.1.3
SCO Open Server 6.0
SCO Open Server 5.0.7
SCO Open Server 5.0.6 a
SCO Open Server 5.0.6
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Enterprise Server 9
Russell Lang GSview 4.8
RedHat RPM 4.4.1
+ Red Hat Fedora Core4
RedHat Network Satellite (for RHEL 4) 5.1
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Desktop 4.0
Red Hat Red Hat Network Satellite Server 5.0
Red Hat Red Hat Network Satellite Server 4.2
Red Hat Fedora Core4
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 4
OpenPKG OpenPKG 2.4
OpenPKG OpenPKG 2.3
OpenPKG OpenPKG Current
OpenBSD OpenBSD 3.7
OpenBSD OpenBSD 3.6
OpenBSD OpenBSD 3.5
MySQL AB MySQL 4.1.5
MySQL AB MySQL 4.1.4
MySQL AB MySQL 4.1.3 -beta
MySQL AB MySQL 4.1.3 -beta
MySQL AB MySQL 4.1.3 -0
MySQL AB MySQL 4.1.2 -alpha
MySQL AB MySQL 4.0.24
MySQL AB MySQL 4.0.21
MySQL AB MySQL 4.0.20
MySQL AB MySQL 4.0.18
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
MySQL AB MySQL 4.0.15
MySQL AB MySQL 4.0.14
+ OpenPKG OpenPKG 1.3
+ OpenPKG OpenPKG Current
+ Trustix Secure Linux 2.0
MySQL AB MySQL 4.0.13
MySQL AB MySQL 4.0.12
MySQL AB MySQL 4.0.11 -gamma
MySQL AB MySQL 4.0.11
MySQL AB MySQL 4.0.10
MySQL AB MySQL 4.0.9 -gamma
MySQL AB MySQL 4.0.9
MySQL AB MySQL 4.0.8 -gamma
MySQL AB MySQL 4.0.8
MySQL AB MySQL 4.0.7 -gamma
MySQL AB MySQL 4.0.7
MySQL AB MySQL 4.0.6
MySQL AB MySQL 4.0.5 a
MySQL AB MySQL 4.0.5
MySQL AB MySQL 4.0.4
MySQL AB MySQL 4.0.3
MySQL AB MySQL 4.0.2
MySQL AB MySQL 4.0.1
MySQL AB MySQL 4.0 .0
MySQL AB MySQL 4.1.10a
MySQL AB MySQL 4.1.0.0-alpha
MySQL AB MySQL 4.1.0-0
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Ken Kato Virtual Floppy Drive 2.1
IPCop IPCop 1.4.6
IPCop IPCop 1.4.5
IPCop IPCop 1.4.4
IPCop IPCop 1.4.2
IPCop IPCop 1.4.1
HP HP-UX 11.23
HP HP-UX 11.11
HP HP-UX 11.0
HP HP-UX B.11.23
HP HP-UX B.11.11
HP HP-UX B.11.11
HP HP-UX B.11.00
Gentoo Linux
FreeBSD FreeBSD 5.4 -RELENG
FreeBSD FreeBSD 5.4 -RELEASE
FreeBSD FreeBSD 5.4 -PRERELEASE
FreeBSD FreeBSD 5.3 -STABLE
FreeBSD FreeBSD 5.3 -RELENG
FreeBSD FreeBSD 5.3 -RELEASE
FreeBSD FreeBSD 5.3
FileZilla FileZilla Server 0.9.8 c
FileZilla FileZilla Server 0.9.8 b
FileZilla FileZilla Server 0.9.8 a
FileZilla FileZilla Server 0.9.8
FileZilla FileZilla Server 0.7.1
FileZilla FileZilla Server 0.7
FileZilla FileZilla Server 0.9.6
FileZilla FileZilla Server 0.9.5
FileZilla FileZilla Server 0.9.4e
FileZilla FileZilla Server 0.9.4d
FileZilla FileZilla Server 0.9.3
FileZilla FileZilla Server 0.9.2
FileZilla FileZilla Server 0.9.1b
FileZilla FileZilla Server 0.9.0
FileZilla FileZilla Server 0.8.9
FileZilla FileZilla Server 0.8.8
FileZilla FileZilla Server 0.8.7
FileZilla FileZilla Server 0.8.6a
FileZilla FileZilla Server 0.8.5
FileZilla FileZilla Server 0.8.4
FileZilla FileZilla Server 0.8.3
FileZilla FileZilla Server 0.8.2
FileZilla FileZilla Server 0.8.1
Ethereal Group Ethereal 0.10.11
Ethereal Group Ethereal 0.10.9
+ Gentoo Linux
Ethereal Group Ethereal 0.10.8
Ethereal Group Ethereal 0.10.7
Ethereal Group Ethereal 0.10.6
Ethereal Group Ethereal 0.10.5
Ethereal Group Ethereal 0.10.4
Ethereal Group Ethereal 0.10.3
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.10 .10
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Mandriva Linux Mandrake 10.2 x86_64
+ Mandriva Linux Mandrake 10.2
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
Ethereal Group Ethereal 0.10
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
David Ingalls Bell Sash 3.7
David Ingalls Bell Sash 3.6
David Ingalls Bell Sash 3.4
Daniel Stenberg curl 7.17
CVS CVS 1.12.12
Conectiva Linux 10.0
Avaya Predictive Dialing System (PDS) 12.0
Apple Safari 3.1.1
Apple Safari 3.0.3 Beta
Apple Safari 3.0.1 Beta
Apple Safari 3.1
Apple Safari 3 Beta
Apple Safari 3
Apple Mac OS X Server 10.4.2
Apple Mac OS X 10.4.2
AIDE AIDE 0.10
Not Vulnerable: zsync zsync 0.4.1
zlib zlib 1.2.3
Trolltech Qt 3.3.5
MySQL AB MySQL 4.1.13
FileZilla FileZilla Server 0.9.9
Ethereal Group Ethereal 0.10.12
CVS CVS 1.12.13
Apple Safari 3.1.2


 

Privacy Statement
Copyright 2010, SecurityFocus