Twenty Year Anniversary
Showing 1 - 5 of 5 RSS Feed

CVE-2008-1372

Status Candidate

Overview

bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

Related Files

Gentoo Linux Security Advisory 200903-40
Posted Mar 30, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-40 - A Denial of Service vulnerability was discovered in Analog. Diego E. Petteno reported that the Analog package in Gentoo is built with its own copy of bzip2, making it vulnerable to CVE-2008-1372 (GLSA 200804-02). Versions less than 6.0-r2 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2008-1372
MD5 | 61d954072f36172e15734e73f2ce0ff0
VMware Security Advisory 2008-0019
Posted Dec 4, 2008
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2.

tags | advisory
advisories | CVE-2008-4917, CVE-2008-1372
MD5 | bf8b9cd53f0f974f1f3e6b17c7c1826b
Gentoo Linux Security Advisory 200804-2
Posted Apr 3, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200804-02 - The Oulu University discovered that bzip2 does not properly check offsets provided by the bzip2 file, leading to a buffer overread. Versions less than 1.0.5 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-1372
MD5 | 58f950dfe94adb27c139a0a3b6c6b84b
Ubuntu Security Notice 590-1
Posted Mar 24, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 590-1 - It was discovered that bzip2 did not correctly handle certain malformed archives. If a user or automated system were tricked into processing a specially crafted bzip2 archive, applications linked against libbz2 could be made to crash, possibly leading to a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2008-1372
MD5 | 73750d6d375d42abb00e73ac27324bc7
Mandriva Linux Security Advisory 2008-075
Posted Mar 24, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Bzip2 versions before 1.0.5 are vulnerable to a denial of service attack via malicious compressed data.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2008-1372
MD5 | 8b04c1783e09b4625b6b82ad11e007d5
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close