Download
| Alert*
oval:org.secpod.oval:def:2000377
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. oval:org.secpod.oval:def:39285 libzzip-dev is installed oval:org.secpod.oval:def:93888 zziplib: The ZZIPlib provides read access on ZIP-archives and unpacked data Several security issues were fixed in ZZIPlib. oval:org.secpod.oval:def:708365 zziplib: The ZZIPlib provides read access on ZIP-archives and unpacked data Several security issues were fixed in ZZIPlib. oval:org.secpod.oval:def:2001241 Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file. oval:org.secpod.oval:def:2001264 An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack. oval:org.secpod.oval:def:2000038 An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack. oval:org.secpod.oval:def:39289 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39292 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39282 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39286 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39287 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39288 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39290 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39291 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:2000882 In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. oval:org.secpod.oval:def:2001202 In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. oval:org.secpod.oval:def:2001356 In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function because the size variable is not validated against the amount of file->stored data. oval:org.secpod.oval:def:2000570 In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in __zzip_fetch_disk_trailer . Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. oval:org.secpod.oval:def:2001592 In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the __zzip_parse_root_directory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. oval:org.secpod.oval:def:2000106 An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service. oval:org.secpod.oval:def:2001473 An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. |