Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:094: xine-lib Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the xine-lib package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:094 (xine-lib).
Two buffer overflow vulnerabilities were discovered in the MMS and Real RTSP
stream handlers in the Xine libraries. If a possible hacker can trick a user to
connect to a malicious MMS or RTSP video/audio stream source with any
application using this library, they could crash the client and possibly even
execute arbitrary code with the rights of the user running the player
The updated packages have been patched to correct these problems.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:094
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.