SUSE-SA:2004:029: zlib

Low Nessus Plugin ID 14658


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2004:029 (zlib).

zlib is a widely used data compression library. Programs linked against it include most desktop applications as well as servers such as Apache and OpenSSH.

The 'inflate' function of zlib handles certain input data incorrectly which could lead to a denial of service condition for programs using it with untrusted data. Whether the vulnerability can be exploided locally or remotely depends on the application using it.

zlib versions older than version 1.2 are not affected.


Plugin Details

Severity: Low

ID: 14658

File Name: suse_SA_2004_029.nasl

Version: $Revision: 1.9 $

Agent: unix

Published: 2004/09/03

Modified: 2010/10/06

Dependencies: 12634

Risk Information

Risk Factor: Low


Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2004-0797

BID: 11051