Test ID:	1.3.6.1.4.1.25623.1.0.50797
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2002:022 (zlib)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to zlib announced via advisory MDKSA-2002:022. Matthias Clasen found a security issue in zlib that, when provided with certain input, causes zlib to free an area of memory twice. This double free bug can be used to crash any programs that take untrusted compressed input, such as web browsers, email clients, image viewing software, etc. This vulnerability can be used to perform Denial of Service attacks and, quite possibly, the execution of arbitrary code on the affected system. MandrakeSoft has published two advisories concerning this incident: MDKSA-2002:022 - zlib MDKSA-2002:023 - packages containing zlib The second advisory contains additional packages that bring their own copies of the zlib source, and as such need to be fixed and rebuilt. Updating the zlib library is sufficient to protect those programs that use the system zlib, but the packages as noted in MDKSA-2002:023 will need to be updated for those packages that do not use the system zlib. Affected versions: 7.1, 7.2, 8.0, 8.1, Corporate Server 1.0.1, Single Network Firewall 7.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2002:022 http://www.kb.cert.org/vuls/id/368819 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.