inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5
http://secunia.com/advisories/16355/
http://secunia.com/advisories/16500
http://secunia.com/advisories/17826
http://secunia.com/advisories/17918
http://secunia.com/advisories/18056
http://secunia.com/advisories/18059
http://secunia.com/advisories/18510
http://secunia.com/advisories/18684
http://secunia.com/advisories/19252
http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html
http://www.debian.org/security/2005/dsa-921
http://www.debian.org/security/2005/dsa-922
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
http://www.novell.com/linux/security/advisories/2005_50_kernel.html
http://www.redhat.com/support/errata/RHSA-2006-0101.html
http://www.redhat.com/support/errata/RHSA-2006-0144.html
http://www.redhat.com/support/errata/RHSA-2006-0190.html
http://www.redhat.com/support/errata/RHSA-2006-0191.html
http://www.securityfocus.com/archive/1/419522/100/0/threaded
http://www.securityfocus.com/archive/1/427980/100/0/threaded
http://www.securityfocus.com/archive/1/428028/100/0/threaded
http://www.securityfocus.com/archive/1/428058/100/0/threaded
http://www.securityfocus.com/bid/14719
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10785
Source: MITRE
Published: 2005-08-23
Updated: 2018-10-19
Type: NVD-CWE-Other
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 10
Severity: MEDIUM
OR
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:386:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:686:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:686_smp:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_k8:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_k8_smp:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_xeon:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:k7:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:k7_smp:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power3:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power3_smp:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power4:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power4_smp:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:powerpc:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:powerpc_smp:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11_rc1_bk6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
22788 | Debian DSA-922-1 : kernel-source-2.6.8 - several vulnerabilities | Nessus | Debian Local Security Checks | high |
22787 | Debian DSA-921-1 : kernel-source-2.4.27 - several vulnerabilities | Nessus | Debian Local Security Checks | medium |
21977 | CentOS 4 : kernel (CESA-2006:0101) | Nessus | CentOS Local Security Checks | high |
21882 | CentOS 3 : kernel (CESA-2006:0144) | Nessus | CentOS Local Security Checks | medium |
21089 | RHEL 3 : kernel (RHSA-2006:0144) | Nessus | Red Hat Local Security Checks | medium |
20855 | RHEL 2.1 : kernel (RHSA-2006:0191) | Nessus | Red Hat Local Security Checks | medium |
20732 | RHEL 4 : kernel (RHSA-2006:0101) | Nessus | Red Hat Local Security Checks | high |
20575 | Ubuntu 4.10 / 5.04 : linux-source-2.6.8.1, linux-source-2.6.10 vulnerabilities (USN-169-1) | Nessus | Ubuntu Local Security Checks | medium |
20451 | MDKSA-2005:220 : kernel | Nessus | Mandriva Local Security Checks | medium |
20450 | Mandrake Linux Security Advisory : kernel (MDKSA-2005:219) | Nessus | Mandriva Local Security Checks | high |
801416 | CentOS RHSA-2006-0144 Security Check | Log Correlation Engine | Generic | high |
801413 | CentOS RHSA-2006-0101 Security Check | Log Correlation Engine | Generic | high |