This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated zlib packages that fix a buffer overflow vulnerability are now
Zlib is a general-purpose, patent-free, lossless data compression
library that is used by many different programs.
The function gzprintf within zlib, when called with a string longer
than Z_PRINTF_BUFZISE (= 4096 bytes), can overflow without giving a
zlib-1.1.4 and earlier exhibit this behavior. There are no known
exploits of the gzprintf overrun, and only a few programs, including
rpm2html and gimp-print, are known to use the gzprintf function.
The problem has been fixed by checking the length of the output string
See also :
Update the affected zlib and / or zlib-devel packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12374 ()
CVE ID: CVE-2003-0107
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.