Note: This is an archival copy of Security Sun Alert 200550 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000418.1.
Solaris 9 Operating System
Solaris 8 Operating System
Date of Resolved Release
Applications which are linked with "zlib" and utilize the gzprintf() function may be susceptible to a security vulnerability which could result in a denial of service, information leakage, or execution of arbitrary code due to a buffer overflow in the "zlib" gzprintf() function.
Sun does not distribute any applications with the Solaris Operating Environment which are linked with "zlib" and call gzprintf(). A large number of free applications and libraries have been identified as using "zlib" at http://www.gzip.org/zlib/apps.html. Some of this freeware is distributed on the Solaris Software Companion CDs but none is known to be vulnerable to this issue at this time.
This issue is described in CERT Vulnerability VU#142121 (see http://www.kb.cert.org/vuls/id/142121).
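The defect class behind this alert is a formatted write into a fixed-size buffer with no length bound. The following C is an added illustration of the hardened pattern and is not Sun's or zlib's code: the buffer size, the memory sink standing in for the compressed stream, and the function names are constructed for the example. It uses vsnprintf, which never writes past the buffer, and checks the return value so that an argument too long for the buffer is refused rather than silently truncated or written past the end; format_fits shows the equivalent pre-check for callers that want to validate before formatting.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed, deliberately small formatting buffer so that an overlong
   argument is easy to exercise; a real library buffer would be larger. */
#define FMT_BUFSIZE 64

/* Hypothetical memory sink standing in for the compressed output stream. */
typedef struct {
    char   data[256];
    size_t used;
} mem_sink;

void sink_init(mem_sink *s) {
    memset(s->data, 0, sizeof s->data);
    s->used = 0;
}

/* Append n bytes to the sink; returns n, or 0 if the sink is full. */
static size_t sink_write(mem_sink *s, const char *p, size_t n) {
    if (n > sizeof s->data - s->used)
        return 0;
    memcpy(s->data + s->used, p, n);
    s->used += n;
    return n;
}

/* Hardened gzprintf-style wrapper: vsnprintf is bounded by sizeof buf, and
 * the return value is checked so a result that did not fit is refused.
 * Returns the number of bytes written, or 0 on refusal or sink error. */
int gz_printf_checked(mem_sink *s, const char *fmt, ...) {
    char    buf[FMT_BUFSIZE];
    va_list ap;
    int     len;

    va_start(ap, fmt);
    len = vsnprintf(buf, sizeof buf, fmt, ap);
    va_end(ap);

    /* len >= sizeof buf means the output was cut off: exactly the input that
       would overrun a fixed buffer under an unbounded vsprintf. */
    if (len < 0 || (size_t)len >= sizeof buf)
        return 0;
    return (int)sink_write(s, buf, (size_t)len);
}

/* Pre-check: would formatting fmt with these arguments fit in bufsize bytes,
 * including the terminating NUL? Uses the C99 vsnprintf(NULL, 0, ...) query. */
int format_fits(size_t bufsize, const char *fmt, ...) {
    va_list ap;
    int     len;

    va_start(ap, fmt);
    len = vsnprintf(NULL, 0, fmt, ap);
    va_end(ap);
    return len >= 0 && (size_t)len < bufsize;
}

int main(void) {
    mem_sink s;
    char     big[200]; /* constructed oversized argument */

    sink_init(&s);
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';

    printf("short: %d bytes written\n", gz_printf_checked(&s, "id=%d\n", 42));
    printf("long : %d bytes written (refused)\n", gz_printf_checked(&s, "name=%s\n", big));
    printf("fits?: %d\n", format_fits(FMT_BUFSIZE, "name=%s\n", big));
    return 0;
}
```

Refusing rather than truncating matters for a compressed stream: a silently shortened record corrupts the output without any error the caller can act on, whereas a zero return lets the caller log the event and fail closed.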
This issue can occur in the following releases:
Note 1: libz is not distributed with Solaris 7 or earlier releases.
Note 2: For a short period, patches 115754-01 and 115755-01 were available that purported to address this issue. However, this was not the case and 115754-02 and 115755-02 are required to address this issue as shown above.
There are no predictable symptoms that would show the described issue has been exploited.
There is no workaround. Please see the "Resolution" section below.
This issue is addressed in the following releases: