FreeBSD : mpg123 -- buffer overflow in URL handling (20d16518-2477-11d9-814e-0001020eed82)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Carlos Barros reports that mpg123 contains two buffer overflows. These
vulnerabilities can potentially lead to execution of arbitrary code.

The first buffer overflow can occur when mpg123 parses a URL with a
user-name/password field that is more than 256 characters long. This
problem can be triggered either locally or remotely via a specially
crafted play list. The second potential buffer overflow may be
triggered locally by a specially crafted symlink to the mpg123 binary.
This problem is not as serious, since mpg123 is not installed setuid
by default.

See also :

http://marc.info/?l=bugtraq&m=109834486312407
http://www.nessus.org/u?8a8db354

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 18866 (freebsd_pkg_20d16518247711d9814e0001020eed82.nasl)

Bugtraq ID: 11468

CVE ID: CVE-2004-0982

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now