Home page logo
/

bugtraq logo Bugtraq mailing list archives

Security Update: [CSSA-2003-011.0] Linux: format string vulnerability in zlib (gzprintf)
From: security () sco com
Date: Mon, 10 Mar 2003 11:53:14 -0800

To: bugtraq () securityfocus com announce () lists caldera com security-alerts () linuxsecurity com


______________________________________________________________________________

                        SCO Security Advisory

Subject:                Linux: format string vulnerability in zlib (gzprintf)
Advisory number:        CSSA-2003-011.0
Issue date:             2003 March 10
Cross reference:
______________________________________________________________________________


1. Problem Description

        There is a buffer overflow in the gzprintf function in zlib that
        can enable attackers to cause a denial of service or possibly
        execute arbitrary code.


2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------

        OpenLinux 3.1.1 Server          prior to libz-1.1.4-2.i386.rpm
                                        prior to libz-devel-1.1.4-2.i386.rpm
                                        prior to libz-devel-static-1.1.4-2.i386.rpm

        OpenLinux 3.1.1 Workstation     prior to libz-1.1.4-2.i386.rpm
                                        prior to libz-devel-1.1.4-2.i386.rpm
                                        prior to libz-devel-static-1.1.4-2.i386.rpm

        OpenLinux 3.1 Server            prior to libz-1.1.4-2.i386.rpm
                                        prior to libz-devel-1.1.4-2.i386.rpm
                                        prior to libz-devel-static-1.1.4-2.i386.rpm

        OpenLinux 3.1 Workstation       prior to libz-1.1.4-2.i386.rpm
                                        prior to libz-devel-1.1.4-2.i386.rpm
                                        prior to libz-devel-static-1.1.4-2.i386.rpm


3. Solution

        The proper solution is to install the latest packages. Many
        customers find it easier to use the Caldera System Updater, called
        cupdate (or kcupdate under the KDE environment), to update these
        packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-011.0/RPMS

        4.2 Packages

        54e3d653907b2aa8111939d208b1f48b        libz-1.1.4-2.i386.rpm
        7b6103ac070899d33ddc18ec0152c8ad        libz-devel-1.1.4-2.i386.rpm
        bf687e8997a2c7413f183cf0398a797c        libz-devel-static-1.1.4-2.i386.rpm

        4.3 Installation

        rpm -Fvh libz-1.1.4-2.i386.rpm
        rpm -Fvh libz-devel-1.1.4-2.i386.rpm
        rpm -Fvh libz-devel-static-1.1.4-2.i386.rpm

        4.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-011.0/SRPMS

        4.5 Source Packages

        cb073eedd69f6503fdaaf7a12ed37c10        libz-1.1.4-2.src.rpm


5. OpenLinux 3.1.1 Workstation

        5.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-011.0/RPMS

        5.2 Packages

        80a08ebf1d968f880b8bfeb9a91d9288        libz-1.1.4-2.i386.rpm
        de1a572406aae392822c6b8fd9667c05        libz-devel-1.1.4-2.i386.rpm
        80f2a2de435d10d2acd957cc07790cf9        libz-devel-static-1.1.4-2.i386.rpm

        5.3 Installation

        rpm -Fvh libz-1.1.4-2.i386.rpm
        rpm -Fvh libz-devel-1.1.4-2.i386.rpm
        rpm -Fvh libz-devel-static-1.1.4-2.i386.rpm

        5.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-011.0/SRPMS

        5.5 Source Packages

        dd564551f59c8675aec4cab15e6108dc        libz-1.1.4-2.src.rpm


6. OpenLinux 3.1 Server

        6.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-011.0/RPMS

        6.2 Packages

        5cc16bd91015ce00f468e747a5fc8772        libz-1.1.4-2.i386.rpm
        1d321ea1297616096fb5e1a3b72ec828        libz-devel-1.1.4-2.i386.rpm
        021368dbf124ba856d46fb85f072b010        libz-devel-static-1.1.4-2.i386.rpm

        6.3 Installation

        rpm -Fvh libz-1.1.4-2.i386.rpm
        rpm -Fvh libz-devel-1.1.4-2.i386.rpm
        rpm -Fvh libz-devel-static-1.1.4-2.i386.rpm

        6.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-011.0/SRPMS

        6.5 Source Packages

        9707abacf6336b2d5cb62529a0021d97        libz-1.1.4-2.src.rpm


7. OpenLinux 3.1 Workstation

        7.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-011.0/RPMS

        7.2 Packages

        303370a239df4fdff20a93ec885ef342        libz-1.1.4-2.i386.rpm
        ff34cf793e2c8c70627ecd29c271dcca        libz-devel-1.1.4-2.i386.rpm
        eaef0a84c34dd17b2af72f9e235803da        libz-devel-static-1.1.4-2.i386.rpm

        7.3 Installation

        rpm -Fvh libz-1.1.4-2.i386.rpm
        rpm -Fvh libz-devel-1.1.4-2.i386.rpm
        rpm -Fvh libz-devel-static-1.1.4-2.i386.rpm

        7.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-011.0/SRPMS

        7.5 Source Packages

        c0c9de8ce6e7d254a640b2a84e5d806d        libz-1.1.4-2.src.rpm


8. References

        Specific references for this advisory:

                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0107

        SCO security resources:

                http://www.sco.com/support/security/index.html

        This security fix closes SCO incidents sr875410, fz527488,
        erg712251.


9. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers intended
        to promote secure installation and use of SCO products.


10. Acknowledgements

        Richard Kettlewell <rjk () greenend org uk> discovered and researched
        this vulnerability.

______________________________________________________________________________

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
  • Security Update: [CSSA-2003-011.0] Linux: format string vulnerability in zlib (gzprintf) security (Mar 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]