Anyone seen this?
http://www.kb.cert.org/vuls/id/368819
Here's the text... Any idea if Cobalts are vulnerable as Red Hat 6.2 is?
Also, don't freak out - apparently nobody has seen it actually exploited
yet.
Summary:
There is a bug in the zlib compression library that may manifest itself as a
vulnerability in programs that are linked with zlib. This may allow an
attacker to conduct a denial-of-service attack, gather information, or
execute arbitrary code.
It is important to note that the CERT/CC has not received any reports of
exploitation of this bug. Based on the information available to us at this
time, it is difficult to determine whether this bug can be successfully
exploited. However, given the widespread deployment of zlib, we have
published this document as a preventative measure.
Take care.
Rick Ewart
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security