|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200609-01] Streamripper: Multiple remote buffer overflows Vulnerability Scan
Vulnerability Scan Summary Streamripper: Multiple remote buffer overflows
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200609-01
(Streamripper: Multiple remote buffer overflows)
Ulf Harnhammar, from the Debian Security Audit Project, has found that
Streamripper is vulnerable to multiple stack based buffer overflows
caused by improper bounds checking when processing malformed HTTP
headers.
Impact
By enticing a user to connect to a malicious server, a possible hacker could
execute arbitrary code with the permissions of the user running
Streamripper
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3124
Solution:
All Streamripper users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-sound/streamripper-1.61.26"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|