Settings

Tenable Community & Support

Tenable University

Settings

Severity

Theme

CVE-2005-2458

MEDIUM

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".

References

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5

http://secunia.com/advisories/16355/

http://secunia.com/advisories/16500

http://secunia.com/advisories/17826

http://secunia.com/advisories/17918

http://secunia.com/advisories/18056

http://secunia.com/advisories/18059

http://secunia.com/advisories/18510

http://secunia.com/advisories/18684

http://secunia.com/advisories/19252

http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html

http://www.debian.org/security/2005/dsa-921

http://www.debian.org/security/2005/dsa-922

http://www.mandriva.com/security/advisories?name=MDKSA-2005:219

http://www.mandriva.com/security/advisories?name=MDKSA-2005:220

http://www.novell.com/linux/security/advisories/2005_50_kernel.html

http://www.redhat.com/support/errata/RHSA-2006-0101.html

http://www.redhat.com/support/errata/RHSA-2006-0144.html

http://www.redhat.com/support/errata/RHSA-2006-0190.html

http://www.redhat.com/support/errata/RHSA-2006-0191.html

http://www.securityfocus.com/archive/1/419522/100/0/threaded

http://www.securityfocus.com/archive/1/427980/100/0/threaded

http://www.securityfocus.com/archive/1/428028/100/0/threaded

http://www.securityfocus.com/archive/1/428058/100/0/threaded

http://www.securityfocus.com/bid/14719

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10785

https://usn.ubuntu.com/169-1/

Details

Source: MITRE

Published: 2005-08-23

Updated: 2018-10-19

Type: NVD-CWE-Other

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:386:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:686:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:686_smp:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_k8:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_k8_smp:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_xeon:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:k7:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:k7_smp:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power3:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power3_smp:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power4:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power4_smp:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:powerpc:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:powerpc_smp:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11_rc1_bk6:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*

Tenable Plugins

View all (12 total)

ID	Name	Product	Family	Severity
22788	Debian DSA-922-1 : kernel-source-2.6.8 - several vulnerabilities	Nessus	Debian Local Security Checks	high
22787	Debian DSA-921-1 : kernel-source-2.4.27 - several vulnerabilities	Nessus	Debian Local Security Checks	medium
21977	CentOS 4 : kernel (CESA-2006:0101)	Nessus	CentOS Local Security Checks	high
21882	CentOS 3 : kernel (CESA-2006:0144)	Nessus	CentOS Local Security Checks	medium
21089	RHEL 3 : kernel (RHSA-2006:0144)	Nessus	Red Hat Local Security Checks	medium
20855	RHEL 2.1 : kernel (RHSA-2006:0191)	Nessus	Red Hat Local Security Checks	medium
20732	RHEL 4 : kernel (RHSA-2006:0101)	Nessus	Red Hat Local Security Checks	high
20575	Ubuntu 4.10 / 5.04 : linux-source-2.6.8.1, linux-source-2.6.10 vulnerabilities (USN-169-1)	Nessus	Ubuntu Local Security Checks	medium
20451	MDKSA-2005:220 : kernel	Nessus	Mandriva Local Security Checks	medium
20450	Mandrake Linux Security Advisory : kernel (MDKSA-2005:219)	Nessus	Mandriva Local Security Checks	high
801416	CentOS RHSA-2006-0144 Security Check	Log Correlation Engine	Generic	high
801413	CentOS RHSA-2006-0101 Security Check	Log Correlation Engine	Generic	high