How to Buy
This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated zlib packages that fix a buffer overflow vulnerability are now
Zlib is a general-purpose, patent-free, lossless data compression
library that is used by many different programs.
The function gzprintf within zlib, when called with a string longer
than Z_PRINTF_BUFZISE (= 4096 bytes), can overflow without giving a
zlib-1.1.4 and earlier exhibit this behavior. There are no known
exploits of the gzprintf overrun, and only a few programs, including
rpm2html and gimp-print, are known to use the gzprintf function.
The problem has been fixed by checking the length of the output string
See also :
Update the affected zlib and / or zlib-devel packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12374 ()
CVE ID: CVE-2003-0107
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.