Zlib Compression Library Decompression Buffer Overflow Vulnerability

Bugtraq ID: 14340
Class: Boundary Condition Error
CVE: CVE-2005-1849
Remote: Yes
Local: No
Published: Jul 21 2005 12:00AM
Updated: Oct 16 2009 04:18PM
Credit: Markus Oberhumer is credited with the discovery of this issue.
Vulnerable: zlib zlib 1.2.2
+ zsync zsync 0.4
+ zsync zsync 0.3.3
+ zsync zsync 0.3.2
+ zsync zsync 0.3.1
+ zsync zsync 0.3
+ zsync zsync 0.2.3
+ zsync zsync 0.2.2
+ zsync zsync 0.2.1
+ zsync zsync 0.2
+ zsync zsync 0.1.6
+ zsync zsync 0.1.5
+ zsync zsync 0.1.4
+ zsync zsync 0.1.3
+ zsync zsync 0.1.2
+ zsync zsync 0.1.1
+ zsync zsync 0.1
+ zsync zsync 0.0.6
+ zsync zsync 0.0.5
+ zsync zsync 0.0.4
+ zsync zsync 0.0.3
+ zsync zsync 0.0.2
+ zsync zsync 0.0.1
zlib zlib 1.2.1
+ Conectiva Linux 10.0
+ Red Hat Fedora Core2
+ Turbolinux Turbolinux Server 10.0
zlib zlib 1.2 .0.7
+ Red Hat Fedora Core1
zlib zlib 1.1.4
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ GLT GLT 0.6
+ NetBSD NetBSD 1.6
+ NetBSD NetBSD 1.5.3
+ NetBSD NetBSD 1.5.2
+ NetBSD NetBSD 1.5.1
+ NetBSD NetBSD 1.5
- NullSoft Winamp 2.79
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG 1.1
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux Advanced Work Station 2.1
+ Sun Cobalt Qube 3
+ Sun Cobalt Qube3 4000WG
+ Sun Cobalt Qube3 Japanese 4000WGJ
+ Sun Cobalt Qube3 Japanese w/ Caching and RAID 4100WGJ
+ Sun Cobalt Qube3 Japanese w/Caching 4010WGJ
+ Sun Cobalt Qube3 w/ Caching and RAID 4100WG
+ Sun Cobalt Qube3 w/Caching 4010WG
+ Sun Cobalt RaQ 4
+ Sun Cobalt RaQ XTR
+ Sun Cobalt RaQ XTR 3500R
+ Sun Cobalt RaQ XTR Japanese 3500R-ja
+ Sun Cobalt RaQ4 3001R
+ Sun Cobalt RaQ4 Japanese RAID 3100R-ja
+ Sun Cobalt RaQ4 RAID 3100R
+ Sun Linux 5.0
zlib zlib 1.1.3
zlib zlib 1.1.2
zlib zlib 1.1.1
zlib zlib 1.1
VMWare ESX Server 3.0.1
VMWare ESX Server 3.0
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Turbolinux Turbolinux Server 10.0
Trustix Secure Linux 2.2
Trustix Secure Linux 2.1
Trustix Secure Enterprise Linux 2.0
Trolltech Qt 3.3.4
+ Gentoo Linux
Trolltech Qt 3.3.3
Trolltech Qt 3.3.2
Trolltech Qt 3.3.1
Trolltech Qt 3.3 .0
Trolltech Qt 3.2.3
+ Conectiva Linux 10.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
Trolltech Qt 3.2.1
Trolltech Qt 3.1.2
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
Trolltech Qt 3.1.1
+ Conectiva Linux 9.0
Trolltech Qt 3.1
Trolltech Qt 3.0.5
Trolltech Qt 3.0.3
Trolltech Qt 3.0
Trolltech Qt 2.3.1
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux -current
SCO Unixware 7.1.4
SCO Unixware 7.1.3
SCO Open Server 6.0
SCO Open Server 5.0.7
SCO Open Server 5.0.6 a
SCO Open Server 5.0.6
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server 9
RedHat Red Hat Network Satellite (for RHEL 4) 5.1
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Desktop 4.0
Red Hat Red Hat Network Satellite Server 4.2
Red Hat Fedora Core4
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Fedora 11
Red Hat Fedora 10
Red Hat Enterprise Linux AS 4
OpenPKG OpenPKG 2.4
OpenPKG OpenPKG 2.3
OpenPKG OpenPKG Current
OpenBSD OpenBSD 3.7
OpenBSD OpenBSD 3.6
OpenBSD OpenBSD 3.5
OpenBSD OpenBSD -current
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Gentoo Linux
FreeBSD FreeBSD 5.4 -RELENG
FreeBSD FreeBSD 5.4 -RELEASE
FreeBSD FreeBSD 5.4 -PRERELEASE
FreeBSD FreeBSD 5.3 -STABLE
FreeBSD FreeBSD 5.3 -RELENG
FreeBSD FreeBSD 5.3 -RELEASE
FreeBSD FreeBSD 5.3
FileZilla FileZilla Server 0.9.8 c
FileZilla FileZilla Server 0.9.8 b
FileZilla FileZilla Server 0.9.8 a
FileZilla FileZilla Server 0.9.8
FileZilla FileZilla Server 0.7.1
FileZilla FileZilla Server 0.7
FileZilla FileZilla Server 0.9.6
FileZilla FileZilla Server 0.9.5
FileZilla FileZilla Server 0.9.4e
FileZilla FileZilla Server 0.9.4d
FileZilla FileZilla Server 0.9.3
FileZilla FileZilla Server 0.9.2
FileZilla FileZilla Server 0.9.1b
FileZilla FileZilla Server 0.9.0
FileZilla FileZilla Server 0.8.9
FileZilla FileZilla Server 0.8.8
FileZilla FileZilla Server 0.8.7
FileZilla FileZilla Server 0.8.6a
FileZilla FileZilla Server 0.8.5
FileZilla FileZilla Server 0.8.4
FileZilla FileZilla Server 0.8.3
FileZilla FileZilla Server 0.8.2
FileZilla FileZilla Server 0.8.1
Ethereal Group Ethereal 0.10.11
Ethereal Group Ethereal 0.10.9
Ethereal Group Ethereal 0.10.8
Ethereal Group Ethereal 0.10.7
Ethereal Group Ethereal 0.10.6
Ethereal Group Ethereal 0.10.5
Ethereal Group Ethereal 0.10.4
Ethereal Group Ethereal 0.10.3
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Red Hat Fedora Core2
+ Red Hat Fedora Core1
+ S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.10 .10
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Mandriva Linux Mandrake 10.2 x86_64
+ Mandriva Linux Mandrake 10.2
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
Ethereal Group Ethereal 0.10
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Conectiva Linux 10.0
Apple Mac OS X Server 10.4.2
Apple Mac OS X 10.4.2
AIDE AIDE 0.10
+ Ubuntu Ubuntu Linux 5.10 powerpc
+ Ubuntu Ubuntu Linux 5.10 i386
+ Ubuntu Ubuntu Linux 5.10 amd64
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Not Vulnerable: zlib zlib 1.2.3
Trolltech Qt 3.3.5
FileZilla FileZilla Server 0.9.9
Ethereal Group Ethereal 0.10.12


 

Privacy Statement
Copyright 2010, SecurityFocus