Oval Definition:
oval:org.mitre.oval:def:749
Revision Date
:
2005-09-21
Version
:
3
Title
:
bzip2 Decompression Bomb
Description
:
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
Family
:
unix
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2005-1260
Platform(s)
:
Red Hat Enterprise Linux 3
Product(s)
:
bzip2
Definition Synopsis
Software section
Red Hat Enterprise 3 is installed
AND
bzip2 RPM earlier than 0:1.0.2-11.EL3.4
AND
Configuration section
/usr/bin/bzip2 is executable
BACK