FreeBSD : mpg123 -- buffer overflow in URL handling (20d16518-2477-11d9-814e-0001020eed82)

critical Nessus Plugin ID 18866

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Carlos Barros reports that mpg123 contains two buffer overflows. These vulnerabilities can potentially lead to execution of arbitrary code.

The first buffer overflow can occur when mpg123 parses a URL with a user-name/password field that is more than 256 characters long. This problem can be triggered either locally or remotely via a specially crafted playlist. The second potential buffer overflow may be triggered locally by a specially crafted symlink to the mpg123 binary. This second problem is not as serious, since mpg123 is not installed setuid by default.

Solution

Update the affected packages.

See Also

https://marc.info/?l=bugtraq&m=109834486312407

http://www.nessus.org/u?29463bfb

Plugin Details

Severity: Critical

ID: 18866

File Name: freebsd_pkg_20d16518247711d9814e0001020eed82.nasl

Version: 1.19

Type: local

Published: 7/13/2005

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mpg123, p-cpe:/a:freebsd:freebsd:mpg123-esound, p-cpe:/a:freebsd:freebsd:mpg123-nas, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 10/23/2004

Vulnerability Publication Date: 10/2/2004

Reference Information

CVE: CVE-2004-0982

BID: 11468