Twenty Year Anniversary
Showing 1 - 5 of 5 RSS Feed

CVE-2008-1372

Status Candidate

Overview

bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

Related Files

Gentoo Linux Security Advisory 200903-40
Posted Mar 30, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-40 - A Denial of Service vulnerability was discovered in Analog. Diego E. Petteno reported that the Analog package in Gentoo is built with its own copy of bzip2, making it vulnerable to CVE-2008-1372 (GLSA 200804-02). Versions less than 6.0-r2 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2008-1372
MD5 | 61d954072f36172e15734e73f2ce0ff0
VMware Security Advisory 2008-0019
Posted Dec 4, 2008
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2.

tags | advisory
advisories | CVE-2008-4917, CVE-2008-1372
MD5 | bf8b9cd53f0f974f1f3e6b17c7c1826b
Gentoo Linux Security Advisory 200804-2
Posted Apr 3, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200804-02 - The Oulu University discovered that bzip2 does not properly check offsets provided by the bzip2 file, leading to a buffer overread. Versions less than 1.0.5 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-1372
MD5 | 58f950dfe94adb27c139a0a3b6c6b84b
Ubuntu Security Notice 590-1
Posted Mar 24, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 590-1 - It was discovered that bzip2 did not correctly handle certain malformed archives. If a user or automated system were tricked into processing a specially crafted bzip2 archive, applications linked against libbz2 could be made to crash, possibly leading to a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2008-1372
MD5 | 73750d6d375d42abb00e73ac27324bc7
Mandriva Linux Security Advisory 2008-075
Posted Mar 24, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Bzip2 versions before 1.0.5 are vulnerable to a denial of service attack via malicious compressed data.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2008-1372
MD5 | 8b04c1783e09b4625b6b82ad11e007d5
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    18 Files
  • 15
    Aug 15th
    38 Files
  • 16
    Aug 16th
    16 Files
  • 17
    Aug 17th
    22 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close