FreeBSD : zlib -- buffer overflow vulnerability (837b9fb2-0595-11da-86bc-000e0c2e438a)
Medium Nessus Plugin ID 21460
Synopsis
The remote FreeBSD host is missing a security-related update.
Description
Problem description
A fixed-size buffer is used in the decompression of data streams. Due to erroneous analysis performed when zlib was written, this buffer, which was believed to be sufficiently large to handle any possible input stream, is in fact too small.
Impact
A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges.
Solution
Update the affected package.