APP: Zlib Compression Library Denial Of Service (1)
This signature detects attempts to exploit a known vulnerability against Zlib Compression Library. A successful attack can result in a denial-of-service condition.
Extended Description
The Zlib compression library is reportedly susceptible to a denial of service vulnerability. This vulnerability is caused by a failure of the application to properly handle malformed input during the decompression process. This vulnerability is reported to exist in version 1.2.1 of the library. Other versions are also likely affected.
Affected Products
Cvs cvs
Short Name
APP:ZLIB-COMPRES-LIB-DOS-1
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
(1) CVE-2004-0797 Compression Denial Library Of Service Zlib bid:11051
Release Date
11/30/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Sco
Suse
Macsftp
Trustix
Openpkg
Zlib
Avaya
Filezilla
Libpng
Macssh
Mandriva
Openbsd
Cvs
CVSS Score
2.1