Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:121: xine-lib Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the xine-lib package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:121 (xine-lib).
Stack-based buffer overflow in MiMMS 0.0.9 allows remote attackers to cause
a denial of service (application crash) and possibly execute arbitrary code
via the (1) send_command, (2) string_utf16, (3) get_data, and (4)
get_media_packet functions, and possibly other functions. Xine-lib contains
an embedded copy of the same vulnerable code.
The updated packages have been patched to correct this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:121
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.