Vulnerability Note VU#238678

The zlib compression library is vulnerable to a denial-of-service condition

Original Release date: 01 Oct 2004 | Last revised: 05 Oct 2005

Overview

Unhandled error conditions in the zlib compression library may allow an attacker to cause a denial-of-service condition.

Description

There is a vulnerability in the error-handling mechanisms of the decompression functions in the zlib compression library. The decompression functions inflate() and inflateBack() fail to handle certain error conditions properly. If an unhandled error condition is raised, the application linked to zlib may terminate abruptly and abnormally. This vulnerability may be exploited locally or remotely, depending on the application being attacked.

This issue exists in zlib versions 1.2.0.x and 1.2.x; other versions are not vulnerable.

Impact

A malicious user may be able to intentionally raise an unhandled error condition by supplying the vulnerable functions with specially crafted compressed data. As a result, applications linked to the zlib library may terminate abruptly and abnormally, resulting in a denial-of-service condition.
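
A service that must inflate untrusted input can keep an abnormal termination inside the decompressor from ending the whole application by doing the work in a disposable child process. The following is an added example, not part of the original note and not zlib's own code; the names inflate_isolated and classify, the exit code 3 and the timeout are assumptions chosen for illustration, and it contains a crash rather than fixing the library.

```python
import subprocess
import sys
import zlib

# Child program: inflate stdin to stdout; exit 3 on an error zlib reports cleanly.
_CHILD = (
    "import sys, zlib\n"
    "try:\n"
    "    out = zlib.decompress(sys.stdin.buffer.read())\n"
    "except zlib.error:\n"
    "    sys.exit(3)\n"
    "sys.stdout.buffer.write(out)\n"
)


def classify(returncode):
    """Map the child's exit status to an outcome the caller can act on."""
    if returncode == 0:
        return "ok"
    if returncode == 3:
        return "rejected"   # zlib reported an error and the child handled it
    return "crashed"        # killed by a signal or any other abnormal exit


def inflate_isolated(data, timeout=30.0):
    """Inflate untrusted data in a separate process.

    Returns (outcome, payload). If the decompressor terminates abnormally,
    only the child dies and the caller receives "crashed".
    """
    try:
        proc = subprocess.run(
            [sys.executable, "-I", "-c", _CHILD],
            input=data, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL,
            timeout=timeout,
        )
    except subprocess.TimeoutExpired:
        return "timeout", b""
    outcome = classify(proc.returncode)
    return outcome, (proc.stdout if outcome == "ok" else b"")


if __name__ == "__main__":
    good = zlib.compress(b"constructed sample payload " * 4)  # constructed input
    for label, blob in (("valid", good), ("corrupt", b"not a zlib stream")):
        outcome, payload = inflate_isolated(blob)
        print(label, outcome, len(payload), "zlib", zlib.ZLIB_RUNTIME_VERSION)
```

Logging every "crashed" outcome together with the linked zlib version gives operators a signal that crafted input is reaching the decompressor.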

Solution

Check with Vendor

Users who suspect they are vulnerable are encouraged to check with their vendor to determine the appropriate action to take. Please see the list of vendors we have notified below.

Systems Affected

Vendor                       Status        Date Notified  Date Updated
CVS Home                     Affected      -              05 Oct 2005
Debian                       Affected      01 Sep 2004    02 Sep 2004
libpng.org                   Affected      01 Sep 2004    02 Sep 2004
MacSSH                       Affected      27 Aug 2004    07 Sep 2004
Zlib.org                     Affected      -              03 Nov 2004
AppGate Network Security AB  Not Affected  01 Sep 2004    02 Sep 2004
Apple Computer Inc.          Not Affected  -              17 Feb 2005
Aruba Networks               Not Affected  01 Sep 2004    13 Sep 2004
Bitvise                      Not Affected  01 Sep 2004    13 Sep 2004
Certicom                     Not Affected  01 Sep 2004    09 Sep 2004
Check Point                  Not Affected  01 Sep 2004    07 Sep 2004
Chiaro Networks              Not Affected  01 Sep 2004    02 Sep 2004
Clavister                    Not Affected  01 Sep 2004    02 Sep 2004
Cray Inc.                    Not Affected  01 Sep 2004    01 Sep 2004
cryptlib                     Not Affected  01 Sep 2004    07 Sep 2004

If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group          Score  Vector
Base           N/A    N/A
Temporal       N/A    N/A
Environmental  N/A    N/A

Credit

This vulnerability was reported by OpenPKG.

We thank Mark Adler for providing information about this vulnerability.

This document was written by Jeff Gennari.

Other Information

  • CVE IDs: CAN-2004-0797
  • Date Public: 25 Aug 2004
  • Date First Published: 01 Oct 2004
  • Date Last Updated: 05 Oct 2005
  • Severity Metric: 0.66
  • Document Revision: 335

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.