Intrusion Prevention

zlib.Compression.Library.DoS

Description

This indicates an attempt to exploit a denial of service vulnerability in the zlib compression library.
The vulnerability is caused by improper error handling in zlib's "inflate()" and "inflateBack()" functions.

Affected Products

zlib zlib 1.2.1
zlib zlib 1.2.0.7
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
SCO Unixware 7.1.4
SCO Unixware 7.1.3 up
SCO Unixware 7.1.3
SCO Unixware 7.1.2
SCO Unixware 7.1.1
SCO Unixware 7.1
SCO Unixware 7.0.1
SCO Unixware 7.0
SCO Open Server 6.0
SCO Open Server 5.0.7
SCO Open Server 5.0.6 a
SCO Open Server 5.0.6
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Enterprise Server 9
RedHat Fedora Core2
OpenPKG OpenPKG 2.3
OpenPKG OpenPKG 2.2
OpenPKG OpenPKG 2.1
OpenPKG OpenPKG 2.0
OpenPKG OpenPKG Current
OpenBSD OpenBSD 3.5
OpenBSD OpenBSD -current
MandrakeSoft Linux Mandrake 10.0 AMD64
MandrakeSoft Linux Mandrake 10.0
MacSSH MacSSH 2.1 fc3
MacSFTP MacSFTP 1.0.6
libpng libpng3 1.2.6
libpng libpng 1.0.16
FileZilla FileZilla Server 0.7.1
FileZilla FileZilla Server 0.7
CVS CVS 1.12.12
Avaya Intuity R5 R5.1.46

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version of zlib (1.2.2 or later), available from the zlib Web site.
http://www.zlib.net/
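
A host-side check for the upgrade recommended above, as an added example that is not part of the original advisory: it compares a zlib version string, and the zlib the Python interpreter is linked against, with the 1.2.2 threshold given on this page. The function names are hypothetical, the sample versions are constructed, and the runtime check covers only the zlib that Python itself loads, not copies built statically into other software.

```python
import re
import zlib

# Fix threshold taken from the advisory: "1.2.2 or later".
FIXED = (1, 2, 2, 0)


def parse_zlib_version(text):
    """Turn a zlib version string into a 4-part tuple of ints.

    Handles four-part betas ("1.2.0.7") and vendor suffixes
    ("1.3.1.zlib-ng") by reading only the leading dotted-number run.
    """
    match = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not match:
        raise ValueError(f"unrecognised zlib version: {text!r}")
    parts = [int(p) for p in match.group(0).split(".")][:4]
    return tuple(parts + [0] * (4 - len(parts)))


def needs_upgrade(version_text):
    """True when the version is older than the fixed release, 1.2.2."""
    return parse_zlib_version(version_text) < FIXED


def check_runtime():
    """Report on the zlib library this interpreter actually loaded."""
    runtime = zlib.ZLIB_RUNTIME_VERSION
    return runtime, needs_upgrade(runtime)


if __name__ == "__main__":
    # Constructed samples: two versions from the Affected Products list,
    # the fixed release, and later releases. "1.2.11" is included because
    # a plain string comparison would wrongly sort it below "1.2.2".
    for sample in ("1.2.0.7", "1.2.1", "1.2.2", "1.2.11", "1.3.1.zlib-ng"):
        print(f"{sample:15} upgrade needed: {needs_upgrade(sample)}")
    version, outdated = check_runtime()
    print(f"runtime zlib {version}: upgrade needed: {outdated}")
```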

CVE References

CVE-2004-0797