Mandrake Linux Security Advisory : libtunepimp (MDKSA-2006:126)
Medium Nessus Plugin ID 23877
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionKevin Kofler discovered multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp 0.4.2 that allow remote user-complicit attackers to cause a denial of service (application crash) and possibly execute code via a long (1) Album release date (MBE_ReleaseGetDate), (2) data, or (3) error strings.
Updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.