|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200505-19] gxine: Format string vulnerability Vulnerability Scan
Vulnerability Scan Summary gxine: Format string vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200505-19
(gxine: Format string vulnerability)
Exworm discovered that gxine insecurely implements formatted
printing in the hostname decoding function.
Impact
A remote attacker could entice a user to open a carefully crafted
file with gxine, possibly leading to the execution of arbitrary code.
Workaround
There is no known workaround at this time.
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1692
http://www.securityfocus.com/bid/13707
http://www.0xbadexworm.org/adv/gxinefmt.txt
Solution:
All gxine users should upgrade to the latest available version:
# emerge --sync
# emerge --ask --oneshot --verbose media-video/gxine
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|