|
Family: Debian Local Security Checks --> Category: infos
[DSA564] DSA-564-1 mpg123 Vulnerability Scan
Vulnerability Scan Summary DSA-564-1 mpg123
Detailed Explanation for this Vulnerability Test
Davide Del Vecchio discovered a vulnerability in mpg123, a popular (but
non-free) MPEG layer 1/2/3 audio player. A malicious MPEG layer 2/3
file could cause the header checks in mpg123 to fail, which could in
turn allow arbitrary code to be executed with the rights of the
user running mpg123.
For the stable distribution (woody) this problem has been fixed in
version 0.59r-13woody3.
For the unstable distribution (sid) this problem has been fixed in
version 0.59r-16.
We recommend that you upgrade your mpg123 package.
Solution : http://www.debian.org/security/2004/dsa-564
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|