Family: Debian Local Security Checks --> Category: infos
[DSA578] DSA-578-1 mpg123 Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Carlos Barros has discovered a buffer overflow in the HTTP
authentication routine of mpg123, a popular (but non-free) MPEG layer
1/2/3 audio player. If a user opened a malicious playlist or URL, an
attacker might execute arbitrary code with the rights of the calling
For the stable distribution (woody) this problem has been fixed in
For the unstable distribution (sid) this problem has been fixed in
We recommend that you upgrade your mpg123 package.
Solution : http://www.debian.org/security/2004/dsa-578
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.