Security Update: [CSSA-2003-011.0] Linux: format string vulnerability in zlib (gzprintf)

From: securityat_private
Date: Mon Mar 10 2003 - 11:53:14 PST


    To: bugtraqat_private announceat_private security-alertsat_private
    
    
    ______________________________________________________________________________
    
    			SCO Security Advisory
    
    Subject:		Linux: format string vulnerability in zlib (gzprintf)
    Advisory number: 	CSSA-2003-011.0
    Issue date: 		2003 March 10
    Cross reference:
    ______________________________________________________________________________
    
    
    1. Problem Description
    
    	There is a buffer overflow in the gzprintf function in zlib that
    	can enable attackers to cause a denial of service or possibly
    	execute arbitrary code.
    
    
    2. Vulnerable Supported Versions
    
    	System				Package
    	----------------------------------------------------------------------
    
    	OpenLinux 3.1.1 Server		prior to libz-1.1.4-2.i386.rpm
    					prior to libz-devel-1.1.4-2.i386.rpm
    					prior to libz-devel-static-1.1.4-2.i386.rpm
    
    	OpenLinux 3.1.1 Workstation	prior to libz-1.1.4-2.i386.rpm
    					prior to libz-devel-1.1.4-2.i386.rpm
    					prior to libz-devel-static-1.1.4-2.i386.rpm
    
    	OpenLinux 3.1 Server		prior to libz-1.1.4-2.i386.rpm
    					prior to libz-devel-1.1.4-2.i386.rpm
    					prior to libz-devel-static-1.1.4-2.i386.rpm
    
    	OpenLinux 3.1 Workstation	prior to libz-1.1.4-2.i386.rpm
    					prior to libz-devel-1.1.4-2.i386.rpm
    					prior to libz-devel-static-1.1.4-2.i386.rpm
    
    
    3. Solution
    
    	The proper solution is to install the latest packages. Many
    	customers find it easier to use the Caldera System Updater, called
    	cupdate (or kcupdate under the KDE environment), to update these
    	packages rather than downloading and installing them by hand.
    
    
    4. OpenLinux 3.1.1 Server
    
    	4.1 Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-011.0/RPMS
    
    	4.2 Packages
    
    	54e3d653907b2aa8111939d208b1f48b	libz-1.1.4-2.i386.rpm
    	7b6103ac070899d33ddc18ec0152c8ad	libz-devel-1.1.4-2.i386.rpm
    	bf687e8997a2c7413f183cf0398a797c	libz-devel-static-1.1.4-2.i386.rpm
    
    	4.3 Installation
    
    	rpm -Fvh libz-1.1.4-2.i386.rpm
    	rpm -Fvh libz-devel-1.1.4-2.i386.rpm
    	rpm -Fvh libz-devel-static-1.1.4-2.i386.rpm
    
    	4.4 Source Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-011.0/SRPMS
    
    	4.5 Source Packages
    
    	cb073eedd69f6503fdaaf7a12ed37c10	libz-1.1.4-2.src.rpm
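
The advisory lists an MD5 sum beside every package and then tells the reader to run rpm -Fvh on each one; the step it leaves implicit is checking those sums before installing, so that a truncated or tampered FTP download never reaches rpm. The script below is an added example, not SCO's tooling. It assumes the reader has saved the package listing from section 4.2 (or any of the matching listings in sections 5 to 7) verbatim into a manifest file, one "<md5> <filename>" pair per line, and has the packages in one directory; it also assumes md5sum (GNU coreutils) or md5 (BSD) and rpm are on the path. The test data inside it is constructed.

```shell
#!/bin/sh
# Verify downloaded update packages against the MD5 sums printed in an
# advisory, and only then hand them to rpm. Added example, not SCO's code.
#
# Manifest format is the advisory's own listing, copied as-is:
#   54e3d653907b2aa8111939d208b1f48b	libz-1.1.4-2.i386.rpm
# Usage: sh verify.sh <package-dir> <manifest>

md5_of() {
    # Print the MD5 hex digest of file $1 (GNU md5sum or BSD md5).
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        md5 -q "$1"
    fi
}

check_md5() {
    # check_md5 FILE EXPECTED -> exit status 0 if the digest matches, 1 if not.
    [ "$(md5_of "$1")" = "$2" ]
}

verify_manifest() {
    # verify_manifest DIR MANIFEST -> 0 only if every listed file exists in DIR
    # and matches its digest. Every problem is reported, not just the first.
    dir=$1
    manifest=$2
    bad=0
    while read -r sum name; do
        [ -z "$name" ] && continue          # skip blank lines
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING  $name" >&2
            bad=1
        elif check_md5 "$dir/$name" "$sum"; then
            echo "OK       $name"
        else
            echo "MISMATCH $name" >&2
            bad=1
        fi
    done < "$manifest"
    return $bad
}

install_if_verified() {
    # install_if_verified DIR MANIFEST: rpm -Fvh each package, but only after
    # the whole set verifies. -F (freshen) upgrades only packages that are
    # already installed, which is what the advisory's instructions rely on.
    verify_manifest "$1" "$2" || { echo "checksum failure, refusing to install" >&2; return 1; }
    while read -r sum name; do
        [ -z "$name" ] && continue
        rpm -Fvh "$1/$name" || return 1
    done < "$2"
}

# Stand-alone use: sh verify.sh ./RPMS manifest.txt
if [ "$#" -eq 2 ]; then
    install_if_verified "$1" "$2"
fi
```

Because the manifest is the advisory's own listing, the same script covers all four platforms: pick the section that matches the installed product, since the hashes differ between Server and Workstation builds even though the package names are identical.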
    
    
    5. OpenLinux 3.1.1 Workstation
    
    	5.1 Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-011.0/RPMS
    
    	5.2 Packages
    
    	80a08ebf1d968f880b8bfeb9a91d9288	libz-1.1.4-2.i386.rpm
    	de1a572406aae392822c6b8fd9667c05	libz-devel-1.1.4-2.i386.rpm
    	80f2a2de435d10d2acd957cc07790cf9	libz-devel-static-1.1.4-2.i386.rpm
    
    	5.3 Installation
    
    	rpm -Fvh libz-1.1.4-2.i386.rpm
    	rpm -Fvh libz-devel-1.1.4-2.i386.rpm
    	rpm -Fvh libz-devel-static-1.1.4-2.i386.rpm
    
    	5.4 Source Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-011.0/SRPMS
    
    	5.5 Source Packages
    
    	dd564551f59c8675aec4cab15e6108dc	libz-1.1.4-2.src.rpm
    
    
    6. OpenLinux 3.1 Server
    
    	6.1 Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-011.0/RPMS
    
    	6.2 Packages
    
    	5cc16bd91015ce00f468e747a5fc8772	libz-1.1.4-2.i386.rpm
    	1d321ea1297616096fb5e1a3b72ec828	libz-devel-1.1.4-2.i386.rpm
    	021368dbf124ba856d46fb85f072b010	libz-devel-static-1.1.4-2.i386.rpm
    
    	6.3 Installation
    
    	rpm -Fvh libz-1.1.4-2.i386.rpm
    	rpm -Fvh libz-devel-1.1.4-2.i386.rpm
    	rpm -Fvh libz-devel-static-1.1.4-2.i386.rpm
    
    	6.4 Source Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-011.0/SRPMS
    
    	6.5 Source Packages
    
    	9707abacf6336b2d5cb62529a0021d97	libz-1.1.4-2.src.rpm
    
    
    7. OpenLinux 3.1 Workstation
    
    	7.1 Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-011.0/RPMS
    
    	7.2 Packages
    
    	303370a239df4fdff20a93ec885ef342	libz-1.1.4-2.i386.rpm
    	ff34cf793e2c8c70627ecd29c271dcca	libz-devel-1.1.4-2.i386.rpm
    	eaef0a84c34dd17b2af72f9e235803da	libz-devel-static-1.1.4-2.i386.rpm
    
    	7.3 Installation
    
    	rpm -Fvh libz-1.1.4-2.i386.rpm
    	rpm -Fvh libz-devel-1.1.4-2.i386.rpm
    	rpm -Fvh libz-devel-static-1.1.4-2.i386.rpm
    
    	7.4 Source Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-011.0/SRPMS
    
    	7.5 Source Packages
    
    	c0c9de8ce6e7d254a640b2a84e5d806d	libz-1.1.4-2.src.rpm
    
    
    8. References
    
    	Specific references for this advisory:
    
    		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0107
    
    	SCO security resources:
    
    		http://www.sco.com/support/security/index.html
    
    	This security fix closes SCO incidents sr875410, fz527488,
    	erg712251.
    
    
    9. Disclaimer
    
    	SCO is not responsible for the misuse of any of the information
    	we provide on this website and/or through our security
    	advisories. Our advisories are a service to our customers intended
    	to promote secure installation and use of SCO products.
    
    
    10. Acknowledgements
    
    	Richard Kettlewell <rjkat_private> discovered and researched
    	this vulnerability.
    
    ______________________________________________________________________________
    