Info

Disclosure

Feb 21, 2003

Discovery

Unknown

Dates

Exploit

Feb 21, 2003

Solution

Unknown

Description

A local overflow exists in zlib. The gzprintf() function fails to validate input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Upgrade to version 1.1.4-r1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

gzip.org

zlib

1.1.4-1

References

ISS X-Force ID: 11381
CERT VU: 142121
CVE ID: 2003-0107 (see also: NVD)
Secunia Advisory ID: 24788
Bugtraq ID: 6913
Vendor Specific Advisory URL: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-004.txt.asc ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-011.0.txt ftp://patches.sgi.com/support/free/security/advisories/20031002-01-U.asc http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000619
http://docs.info.apple.com/article.html?artnum=61798
http://www.linuxsecurity.com/advisories/gentoo_advisory-3079.html
http://www.linuxsecurity.com/advisories/immunix_advisory-3330.html
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:033
http://www.openpkg.org/security/OpenPKG-SA-2003.015-zlib.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-02/0269.html
http://archives.neohapsis.com/archives/bugtraq/2007-04/0098.html
Generic Exploit URL: http://marc.theaimsgroup.com/?l=bugtraq&m=104610337726297&w=2
Vendor URL: http://www.gzip.org/zlib/
RedHat RHSA: RHSA-2003:079-10

Credit

Richard Kettlewell - rjkgreenend.org.uk -

Direct URL: http://osvdb.org/36218