[SCO] Vulnerability in zlib - SCOSA-2004.17

win-sec-ssc at dfn-cert.de
Wed Oct 20 14:31:29 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----

Dear colleagues,

We have just received the following warning from the SCO Group. We pass
this information on to you unchanged.

The zlib library is used for lossless compression of arbitrary data.

CAN-2004-0797 - Error in the zlib implementation

   The implementation of the zlib library contains errors. In the
   functions inflateBack() and inflate(), error conditions are not
   checked sufficiently. By supplying suitably crafted data, an attacker
   can crash programs that use zlib (denial of service). Depending on
   the vulnerable program, the attack may also be carried out over the
   network.

Affected are UnixWare 7.1.4 and 7.1.3. The vendor provides updated
packages.

(c) of the German summary: DFN-CERT Services GmbH; distribution, including
in part, is permitted only with reference to the author, DFN-CERT Services
GmbH, and only for non-commercial purposes.

Best regards,
    Andreas Bunten, DFN-CERT

- -- 
Andreas Bunten (CSIRT), DFN-CERT Services GmbH
https://www.dfn-cert.de/, +49 40 808077-617


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


______________________________________________________________________________

 			SCO Security Advisory

Subject:		UnixWare 7.1.4 UnixWare 7.1.3 : The error handling in the inflate and inflateBack functions in ZLib compression library allows local users to cause a denial of service
Advisory number: 	SCOSA-2004.17
Issue date: 		2004 October 18
Cross reference:	sr891410 fz530158 erg712692 VU#238678 CAN-2004-0797
______________________________________________________________________________


1. Problem Description

 	CERT Vulnerability Note VU#238678: Unhandled error conditions
 	in the zlib compression library may allow an attacker to
 	cause a denial-of-service condition.

 	The Common Vulnerabilities and Exposures project
 	(cve.mitre.org) has assigned the name CAN-2004-0797 to this
 	issue.
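The condition described above and in the DFN-CERT summary, a crafted stream driving inflate() or inflateBack() into an error state that the library itself mishandles, cannot be patched around from the calling program; the fix has to be the updated zlib. What a caller can and should do is treat every decompression outcome as a checked result rather than trusting whatever bytes come back. The following is an added example (not code from SCO, DFN-CERT or the zlib project) that uses Python's standard-library zlib binding on top of a fixed zlib. The sample streams are constructed inline, and the 1 MiB output cap and the status names are assumptions of this example. It also exposes a caveat the advisory text does not spell out: a truncated stream is not an error to zlib at all, it simply ends without the final block, so the caller must detect the missing end-of-stream marker itself.

```python
"""Defensive zlib/DEFLATE decompression: classify every outcome instead of
trusting raw output.  Added example; not code from SCO, DFN-CERT or zlib."""
import zlib

MAX_OUT = 1 << 20  # output cap (1 MiB); an assumption of this example

# Constructed sample plaintext (repetitive so it compresses well).
SAMPLE_TEXT = b"The quick brown fox jumps over the lazy dog. " * 40


def safe_inflate(data: bytes, max_out: int = MAX_OUT, wbits: int = zlib.MAX_WBITS):
    """Decompress `data` and return (status, payload, detail).

    status is one of:
      "ok"        full stream decoded and the end-of-stream marker was seen
      "truncated" input ran out before the end-of-stream marker
      "too_large" decoded output exceeded max_out (decompression bomb)
      "corrupt"   zlib rejected the stream (bad block lengths, checksum, ...)
    """
    d = zlib.decompressobj(wbits=wbits)
    out = bytearray()
    pending = data
    try:
        while True:
            room = max_out - len(out)
            if room <= 0:
                return ("too_large", bytes(out), f"output capped at {max_out} bytes")
            # max_length stops zlib at `room` bytes; leftover input lands in
            # unconsumed_tail instead of being expanded into memory.
            out += d.decompress(pending, room)
            pending = d.unconsumed_tail
            if d.eof:
                return ("ok", bytes(out), f"{len(d.unused_data)} trailing bytes")
            if not pending:
                # All input consumed, no final block: zlib does NOT raise here,
                # so the caller has to treat this as an incomplete stream.
                return ("truncated", bytes(out), "stream ended without final block")
    except zlib.error as exc:
        # Z_DATA_ERROR and friends surface as zlib.error in a fixed zlib;
        # the buggy error paths in CAN-2004-0797 are inside the library.
        return ("corrupt", bytes(out), str(exc))


def raw_stored_block(payload: bytes, corrupt_nlen: bool = False) -> bytes:
    """Build a raw DEFLATE stream holding one final stored block (RFC 1951 3.2.4).

    Header byte 0x01 means BFINAL=1, BTYPE=00 (stored).  LEN and its one's
    complement NLEN follow as little-endian 16-bit values; a wrong NLEN is
    exactly the kind of error state a correct inflate() must reject cleanly.
    """
    assert len(payload) <= 0xFFFF
    nlen = (~len(payload)) & 0xFFFF
    if corrupt_nlen:
        nlen ^= 0x0001
    return (b"\x01" + len(payload).to_bytes(2, "little")
            + nlen.to_bytes(2, "little") + payload)


def run_samples():
    """Exercise safe_inflate() on constructed good, truncated, oversized,
    checksum-corrupted and malformed-stored-block inputs."""
    good = zlib.compress(SAMPLE_TEXT)
    return {
        "good": safe_inflate(good),
        "truncated": safe_inflate(good[: len(good) // 2]),
        "bomb": safe_inflate(zlib.compress(b"\0" * (4 * MAX_OUT))),
        # Flip the last Adler-32 byte: the data decodes but the check fails.
        "bad_checksum": safe_inflate(good[:-1] + bytes([good[-1] ^ 0xFF])),
        "raw_ok": safe_inflate(raw_stored_block(b"hello"), wbits=-15),
        "raw_bad_nlen": safe_inflate(raw_stored_block(b"hello", corrupt_nlen=True),
                                     wbits=-15),
    }


if __name__ == "__main__":
    for name, (status, payload, detail) in run_samples().items():
        print(f"{name:13s} {status:10s} {len(payload):8d} bytes  {detail}")
```

Running the block prints one line per sample. The three outcomes worth noting are that the truncated stream comes back as "truncated" with a prefix of the plaintext and no exception, the 4 MiB zero stream is stopped at the cap with the rest of its input still unexpanded, and the stored block with a bad NLEN is rejected with a zlib.error rather than anything worse.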

2. Vulnerable Supported Versions

 	System				Binaries
 	----------------------------------------------------------------------
 	UnixWare 7.1.4 			/usr/include/zconf.h
 					/usr/include/zlib.h
 					/usr/lib/libz.so.1.2.1
 	UnixWare 7.1.3 			/usr/include/zconf.h
 					/usr/include/zlib.h
 					/usr/lib/libz.so.1.2.1

3. Solution

 	The proper solution is to install the latest packages.

4. UnixWare 7.1.4

 	4.1 Location of Fixed Binaries

 	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.17

 	4.2 Verification

 	MD5 (erg712692.714.pkg) = 0b56f889838a2daaed77f8251922391e

 	md5 is available for download from
 		ftp://ftp.sco.com/pub/security/tools

 	4.3 Installing Fixed Binaries

 	Upgrade the affected binaries with the following sequence:

 	Download erg712692.714.pkg to the /var/spool/pkg directory

 	# pkgadd -d /var/spool/pkg/erg712692.714.pkg


5. UnixWare 7.1.3

 	5.1 Location of Fixed Binaries

 	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.17

 	5.2 Verification

 	MD5 (erg712692.pkg) = 5c48d63e7f5922dccf38f6d6fa66b325

 	md5 is available for download from
 		ftp://ftp.sco.com/pub/security/tools

 	5.3 Installing Fixed Binaries

 	Upgrade the affected binaries with the following sequence:

 	Download erg712692.pkg to the /var/spool/pkg directory

 	# pkgadd -d /var/spool/pkg/erg712692.pkg
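Sections 4 and 5 describe the same three-step procedure for each release: download the package to /var/spool/pkg, compare its MD5 with the value printed in the advisory, and only then run pkgadd. The script below is an added example (not SCO tooling) that enforces that order by refusing to call pkgadd unless the digest matches. The digest table is copied from sections 4.2 and 5.2; the function names, the injectable `run` hook and the demo's constructed package contents are this example's own. Because the MD5 values sit inside the PGP-signed advisory text, it is the signature on this message that vouches for them; a digest fetched from the same unauthenticated FTP server as the package would only detect corruption, not substitution.

```python
"""Verify an SCO update package against the MD5 published in the signed
advisory before handing it to pkgadd.  Added example; not SCO's tooling."""
import hashlib
import hmac
import subprocess
from pathlib import Path

# Package file name -> MD5 from SCOSA-2004.17 sections 4.2 and 5.2.
EXPECTED_MD5 = {
    "erg712692.714.pkg": "0b56f889838a2daaed77f8251922391e",  # UnixWare 7.1.4
    "erg712692.pkg": "5c48d63e7f5922dccf38f6d6fa66b325",      # UnixWare 7.1.3
}

SPOOL_DIR = Path("/var/spool/pkg")  # download location named in 4.3 / 5.3


def md5_of_file(path, chunk_size=1 << 16):
    """Stream the file through MD5 so a large package never has to fit in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_package(path, expected_md5):
    """True only if the file's MD5 equals the published digest."""
    return hmac.compare_digest(md5_of_file(path), expected_md5.lower())


def install_package(path, expected_md5=None, run=subprocess.run):
    """Verify, then run `pkgadd -d <path>` as sections 4.3 / 5.3 describe.

    Refuses to invoke pkgadd when the digest is unknown or does not match.
    `run` is injectable so the flow can be exercised without a real pkgadd
    (assumption of this example, not part of the advisory's procedure).
    """
    path = Path(path)
    if expected_md5 is None:
        expected_md5 = EXPECTED_MD5.get(path.name)
    if expected_md5 is None:
        raise ValueError(f"no published digest for {path.name}; refusing to install")
    if not verify_package(path, expected_md5):
        raise RuntimeError(f"MD5 mismatch for {path}; package corrupt or tampered")
    return run(["pkgadd", "-d", str(path)], check=True)


def demo(tmp_path="erg712692.pkg.demo"):
    """Self-check on a constructed file whose MD5 is known: md5(b"abc").

    Returns (verify_ok, verify_bad, pkgadd_argv, mismatch_refused).
    """
    p = Path(tmp_path)
    p.write_bytes(b"abc")  # constructed stand-in for a downloaded package
    try:
        known = "900150983cd24fb0d6963f7d28e17f72"
        ok = verify_package(p, known)
        bad = verify_package(p, "0" * 32)
        argv = install_package(p, known, run=lambda argv, check: argv)
        try:
            install_package(p, "0" * 32, run=lambda argv, check: argv)
            refused = False
        except RuntimeError:
            refused = True
        return ok, bad, argv, refused
    finally:
        p.unlink()


if __name__ == "__main__":
    print(demo())
    # Real use on a UnixWare host, run as root after the download:
    #   install_package(SPOOL_DIR / "erg712692.714.pkg")
```

On the target host the call reduces to `install_package(SPOOL_DIR / "erg712692.714.pkg")` (or the 7.1.3 file name), which looks the digest up from the table, and the `pkgadd` line from section 4.3 / 5.3 is executed only when the digest check passes.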

6. References

 	Specific references for this advisory:
 		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797

 	SCO security resources:
 		http://www.sco.com/support/security/index.html

 	SCO security advisories via email
 		http://www.sco.com/support/forums/security.html

 	This security fix closes SCO incidents sr891410 fz530158
 	erg712692.


7. Disclaimer

 	SCO is not responsible for the misuse of any of the information
 	we provide on this website and/or through our security
 	advisories. Our advisories are a service to our customers
 	intended to promote secure installation and use of SCO
 	products.


8. Acknowledgments

 	SCO would like to thank Johan Thelmen for his help in finding
 	and fixing this bug.

______________________________________________________________________________

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (SCO/UNIX_SVR5)

iD8DBQFBdEDoaqoBO7ipriERAhGiAJ48MdrOA8bdUGm6pmHo2LyFhZOFVwCeIROv
gzuWIUemTaDZJ+qd//YgoWs=
=mt0U
- -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQEVAgUBQXZaGSgU04YpslABAQFUuAf+IwAxS3Cix1j2My4y5V2ET991HoKVNJY6
9+XI/VdoG8HUa1whvYf8D1mizAOsSJdxxKqXT0m6gb6HujQsGtOuYNYZb299fwlG
aFlGHUPJRD4zDd77HYBcIgq19AvEgQvIE1w3SnjJjzEmhmXX8ltpK+dIcaEpFRo7
46nEvro91WAZ6Za9ton2Jcp87hGJwM/s4J69vKphLUgsKWBP4DrfRiSluPBmPAQU
bM/R8/ZsEujJ9kodHwrbwmgEO+V9tGUaL8yQ6batDNbl86SnrtnwLNm3GUM7W5b5
pFY/S9pgq4cRrVlEzeiDEgwKMe+lwJ2/VgaR32uNpeCXrBMA3KuG6w==
=pZwF
-----END PGP SIGNATURE-----





