Conectiva Local Security Checks : Conectiva Security Advisory CLA-2003:760

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51469

Categoría: Conectiva Local Security Checks

Título: Conectiva Security Advisory CLA-2003:760

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory CLA-2003:760.

MPlayer is a multimedia player that supports several video and audio
codecs.

Hernán Otero found[2] a remote buffer overflow vulnerability[3] in a
function which parses ASX streaming headers. An attacker can exploit
this vulnerability to potentially execute arbitrary code with the
privileges of the user who is running mplayer by using a specially
crafted ASF file (which can be served remotely).

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2003-0835[3] to this issue.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://www.securityfocus.com/archive/1/339330
http://www.securityfocus.com/archive/1/339193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0835
http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:760
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2003-0835
Bugtraq: 20030925 MPlayer Security Advisory #01: Remotely exploitable buffer overflow (Google Search)
http://marc.info/?l=bugtraq&m=106454257221455&w=2
Bugtraq: 20030926 Mplayer Buffer Overflow (Google Search)
http://marc.info/?l=bugtraq&m=106460912721618&w=2
Bugtraq: 20030929 GLSA: media-video/mplayer (200309-15) (Google Search)
http://marc.info/?l=bugtraq&m=106485005213109&w=2
Conectiva Linux advisory: CLA-2003:760
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000760

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51469
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLA-2003:760
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLA-2003:760. MPlayer is a multimedia player that supports several video and audio codecs. Hernán Otero found[2] a remote buffer overflow vulnerability[3] in a function which parses ASX streaming headers. An attacker can exploit this vulnerability to potentially execute arbitrary code with the privileges of the user who is running mplayer by using a specially crafted ASF file (which can be served remotely). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0835[3] to this issue. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.securityfocus.com/archive/1/339330 http://www.securityfocus.com/archive/1/339193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0835 http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:760 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0835 Bugtraq: 20030925 MPlayer Security Advisory #01: Remotely exploitable buffer overflow (Google Search) http://marc.info/?l=bugtraq&m=106454257221455&w=2 Bugtraq: 20030926 Mplayer Buffer Overflow (Google Search) http://marc.info/?l=bugtraq&m=106460912721618&w=2 Bugtraq: 20030929 GLSA: media-video/mplayer (200309-15) (Google Search) http://marc.info/?l=bugtraq&m=106485005213109&w=2 Conectiva Linux advisory: CLA-2003:760 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000760
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com