| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040331120716.GY24315@mail.lieber.org>
Date: Wed, 31 Mar 2004 07:07:16 -0500
From: Kurt Lieber <klieber@...too.org>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com,
alerts@...uxsecurity.com
Subject: [ GLSA 200403-13 ] Remote buffer overflow in MPlayer
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200403-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Remote buffer overflow in MPlayer
Date: March 31, 2004
Bugs: #46246
ID: 200403-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
MPlayer contains a remotely exploitable buffer overflow in the HTTP
parser that may allow attackers to run arbitrary code on a user's
computer.
Background
==========
Quote from http://mplayerhq.hu
"MPlayer is a movie player for LINUX (runs on many other Unices, and
non-x86 CPUs, see the documentation). It plays most MPEG, VOB, AVI,
OGG/OGM, VIVO, ASF/WMA/WMV, QT/MOV/MP4, FLI, RM, NuppelVideo, YUV4MPEG,
FILM, RoQ, PVA files, supported by many native, XAnim, and Win32 DLL
codecs. You can watch VideoCD, SVCD, DVD, 3ivx, DivX 3/4/5 and even WMV
movies, too."
Affected packages
=================
-------------------------------------------------------------------
Package/ Vulnerable / Unaffected
-------------------------------------------------------------------
mplayer <= 0.92 >= 0.92-r1
mplayer <= mplayer-1.0_pre2 >= mplayer-1.0_pre2-r1
mplayer <= mplayer-1.0_pre3 >= mplayer-1.0_pre3-r3
Description
===========
A vulnerability exists in the MPlayer HTTP parser which may allow an
attacker to craft a special HTTP header ("Location:") which will trick
MPlayer into executing arbitrary code on the user's computer.
Impact
======
An attacker without privileges may exploit this vulnerability remotely,
allowing arbitrary code to be executed in order to gain unauthorized
access.
Workaround
==========
A workaround is not currently known for this issue. All users are
advised to upgrade to the latest version of the affected package.
Resolution
==========
MPlayer may be upgraded as follows:
x86 and sparc:
# emerge sync
# emerge -pv ">=media-video/mplayer-0.92-r1"
# emerge ">=media-video/mplayer-0.92-r1"
amd64:
# emerge sync
# emerge -pv ">=media-video/mplayer-1.0_pre2-r1"
# emerge ">=media-video/mplayer-1.0_pre2-r1"
ppc:
# emerge sync
# emerge -pv ">=media-video/mplayer-1.0_pre3-r2"
# emerge ">=media-video/mplayer-1.0_pre3-r2"
References
==========
[ 1 ] http://www.mplayerhq.hu/homepage/design6/news.html
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@...too.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists