[24687] in bugtraq
Re: about zlib vulnerability
daemon@ATHENA.MIT.EDU (Paul Wouters)
Thu Mar 14 19:38:34 2002
Date: Fri, 15 Mar 2002 01:16:41 +0100 (MET)
From: Paul Wouters <paul@xtdnet.nl>
To: tele <tele@duepi.it>
Cc: <bugtraq@securityfocus.com>
In-Reply-To: <20020314004010.B2283-100000@shade.bofh.net>
Message-ID: <Pine.LNX.4.33.0203150114270.15946-100000@expansionpack.xtdnet.nl>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Thu, 14 Mar 2002, tele wrote:
> The vulnerable zlib 1.1.3 code can be even found on the freeswan
> 1.95 source tree and previous versions, therefore there's a
> potential vulnerability at kernel level; besides at the web site
> http://www.freeswan.org the problem is not properly treated.
From the Freeswan list:
Henry Spencer <henry@spsystems.net> wrote:
> The FreeS/WAN project classes this bug as non-critical, because an IPsec
> packet must pass authentication (and be successfully decrypted) before our
> copy of zlib is asked to decompress it, even if the configuration permits
> compression (which the default ones do not). This greatly limits real
> exposure as a result of this bug.
>
> Our next release (1.97, expected at the beginning of April) will
> incorporate the fix.
Paul
