[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] zlib security problem (question)

Re-reading the advisory, I understand how this could affect my workstation
because I routinely hit potentially untrusted sites with my browser and
expect that all is well.  

How would a remote attacker exploit a buffer overflow of this nature on a
server?  My servers don't run X or mozilla, and as far as I know, exist only
to serve requests from untrusted sources, not recieve information other than
whatever is in the request.  Can a malicious packet take advantage of this
bug, potentially?  I realise there are no published exploits for this yet,
I'm asking more about the theory behind such an attack rather than specifics
on this particular bug.  


> From slashdot come distressing news:
>  "CNET is reporting that there is a buffer overflow problem  with zlib
> in linux, which is used for network compression. Supposedly, someone
> could remotely cause a buffer overflow through mozilla, X11 and many
> other programs." The advisory from Red Hat is available.
> http://www.linuxsecurity.com/advisories/redhat_advisory-1963.html has
> the advisory and links to the update packages for RedHat. I'm not sure
> if this is RedHat specific (I don't think so), but the security
> implications of hitting a crafted png image on a website and having a
> backdoor inserted is very unnerving.
> -- 
> James P. Kinney III   \Changing the mobile computing world/
> President and COO      \          one Linux user         /
> Local Net Solutions,LLC \           at a time.          /
> 770-493-8244             \.___________________________./
> GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
> <jkinney at localnetsolutions.com>
> Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 

This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.