Mandrake Linux Security Advisory : mplayer (MDKSA-2004:157)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

A number of vulnerabilities were discovered in the MPlayer program by
iDEFENSE, Ariel Berkman, and the MPlayer development team. These
vulnerabilities include potential heap overflows in Real RTSP and pnm
streaming code, stack overflows in MMST streaming code, and multiple
buffer overflows in the BMP demuxer and mp3lib code.

The updated packages have been patched to prevent these problems.

See also :

http://www.nessus.org/u?4c7dac8f
http://www.nessus.org/u?12ef3169
http://www.nessus.org/u?cdbcba84

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 16038 (mandrake_MDKSA-2004-157.nasl)

Bugtraq ID:

CVE ID: CVE-2000-0174
CVE-2004-1285
CVE-2004-1309
CVE-2004-1310
CVE-2004-1311

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now