|
Family: Debian Local Security Checks --> Category: infos
[DSA578] DSA-578-1 mpg123 Vulnerability Scan
Vulnerability Scan Summary DSA-578-1 mpg123
Detailed Explanation for this Vulnerability Test
Carlos Barros has discovered a buffer overflow in the HTTP
authentication routine of mpg123, a popular (but non-free) MPEG layer
1/2/3 audio player. If a user opened a malicious playlist or URL, an
attacker might execute arbitrary code with the rights of the calling
user.
For the stable distribution (woody) this problem has been fixed in
version 0.59r-13woody4.
For the unstable distribution (sid) this problem has been fixed in
version 0.59r-17.
We recommend that you upgrade your mpg123 package.
Solution : http://www.debian.org/security/2004/dsa-578
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|