This script is Copyright (C) 2006-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200609-08
(xine-lib: Buffer overflows)
xine-lib contains buffer overflows in the processing of AVI.
Additionally, xine-lib is vulnerable to a buffer overflow in the HTTP
plugin (xineplug_inp_http.so) via a long reply from an HTTP server.
An attacker could trigger the buffer overflow vulnerabilities by
enticing a user to load a specially crafted AVI file in xine. This
might result in the execution of arbitrary code with the rights of the
user running xine. Additionally, a remote HTTP server serving a xine
client a specially crafted reply could crash xine and possibly execute
There is no known workaround at this time.
See also :
All xine-lib users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/xine-lib-1.1.2-r2'
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.5
Public Exploit Available : true
Family: Gentoo Local Security Checks
Nessus Plugin ID: 22353 (gentoo_GLSA-200609-08.nasl)
Bugtraq ID: 18187
CVE ID: CVE-2006-2802
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.