Multiple Vendors Zoo Compression Algorithm Remote Denial of Service Vulnerability

BID:23823

Info

Bugtraq ID: 23823
Class: Design Error
CVE: CVE-2007-1669
CVE-2007-1670
CVE-2007-1672
CVE-2007-1673
CVE-2007-2535
CVE-2007-2536
CVE-2007-1671
Remote: Yes
Local: No
Published: May 04 2007 12:00AM
Updated: Jul 06 2016 02:39PM
Credit: Jean-Sebastien Guay-Leroux is credited with discovering this issue.
Vulnerable: Zoo Zoo 2.10
Winace Winace 2.6 05
Winace Winace 2.5
Winace Winace 2.60
unzoo unzoo 4.4 -2
PicoZip PicoZip 4.0.2
PicoZip PicoZip 4.0.1
Panda Titanium 2006 Antivirus + Antispyware
Panda Titanium 2005 Antivirus
Panda Platinum 2007 Internet Security 0
Panda Platinum 2006 Internet Security
Panda Panda ActiveScan 5.53
Panda Antivirus Platinum 2.0
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 3.5.1
- Microsoft Windows NT 4.0
Panda Antivirus for NetWare 2.0
- Novell Netware 5.1
- Novell Netware 5.0
Panda ActiveScan 5.54.1
Panda ActiveScan 5.53
Panda ActiveScan 5.0
Barracuda Networks Barracuda Spam Firewall 3.3.15 026
Barracuda Networks Barracuda Spam Firewall 3.1.18 firmware
Barracuda Networks Barracuda Spam Firewall 3.1.17 firmware
Barracuda Networks Barracuda Spam Firewall 3.3.03.055
Barracuda Networks Barracuda Spam Firewall 3.3.03.053
Barracuda Networks Barracuda Spam Firewall 3.3.03.022 firmware
Barracuda Networks Barracuda Spam Firewall 3.3.01.001
Barracuda Networks Barracuda Spam Firewall 3.3.0.54
AVIRA Desktop for Windows 1.0 0.00.68
AVIRA AntiVir Workstation Professional Build 367
AVIRA AntiVir PersonalEdition Premium Build 228
AVIRA AntiVir PersonalEdition Classic Build 180
AVIRA Antivir 6.35.00.00
Avast! Avast! Linux Home Edition 1.0.5
Avast! Avast! Linux Home Edition 1.0.5-1
Avast! Antivirus Server Edition 4.7.726
Avast! Antivirus Server Edition 4.7.676
Avast! Antivirus Server Edition 4.7.660
Avast! Antivirus Server Edition 4.6.566
Avast! Antivirus Server Edition 4.6.489
Avast! Antivirus Server Edition 4.6.460
Avast! Antivirus Professional Edition 4.7.844
Avast! Antivirus Professional Edition 4.7.827
Avast! Antivirus Professional Edition 4.6.691
Avast! Antivirus Professional Edition 4.6.665
Avast! Antivirus Professional Edition 4.6.652
Avast! Antivirus Professional Edition 4.6.603
Avast! Antivirus Professional Edition 4.6
Avast! Antivirus Professional Edition 4.0
Avast! Antivirus Managed Client 4.6.394
Avast! Antivirus Managed Client
Avast! Antivirus Home Edition 4.7.869
Avast! Antivirus Home Edition 4.7.844
Avast! Antivirus Home Edition 4.7.827
Avast! Antivirus Home Edition 4.6.691
Avast! Antivirus Home Edition 4.6.665
Avast! Antivirus Home Edition 4.6.655
Avast! Antivirus Home Edition 4.6.652
Avast! Antivirus Home Edition 4.6
Avast! Antivirus Home Edition 4.0
Not Vulnerable:

Discussion

The Zoo compression algorithm is prone to a remote denial-of-service vulnerability. This issue arises when applications implementing the Zoo algorithm process certain malformed archives.

A successful attack can exhaust system resources and trigger a denial-of-service condition.

This issue affects Zoo 2.10 and other applications implementing the vulnerable algorithm.

Exploit / POC

The following exploit code is available:

Solution / Fix

Solution:
The reporter of this issue indicates that multiple vendor fixes are available. Symantec has not confirmed this. Please see the references for more information.

Unzoo is no longer maintained; fixes are not available.

Currently we are not aware of any vendor-supplied patches for WinAce or PicoZip. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

References: