ID de Prueba:	1.3.6.1.4.1.25623.1.0.52545
Categoría:	FreeBSD Local Security Checks
Título:	mplayer & libxine -- MMS and Real RTSP buffer overflow vulnerabilities
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: mplayer mplayer-gtk mplayer-gtk2 mplayer-esound mplayer-gtk-esound mplayer-gtk2-esound libxine CVE-2005-1195 Multiple heap-based buffer overflows in the code used to handle (1) MMST streams or (2) RealMedia RTSP streams in MPlayer 1.0pre6 and earlier allow remote malicious servers to execute arbitrary code. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1195 BugTraq ID: 13271 http://www.securityfocus.com/bid/13271 Bugtraq: 20050421 [PLSN-0003] - Remote exploits in MPlayer (Google Search) http://www.securityfocus.com/archive/1/396703 Bugtraq: 20050421 xine security announcement: multiple heap overflows in MMS and Real RTSP streaming clients (Google Search) http://seclists.org/lists/bugtraq/2005/Apr/0337.html http://www.gentoo.org/security/en/glsa/glsa-200504-19.xml http://www.osvdb.org/15711 http://www.osvdb.org/15712 http://securitytracker.com/id?1013771 http://secunia.com/advisories/15014 XForce ISS Database: mplayer-mmst-stream-bo(20175) https://exchange.xforce.ibmcloud.com/vulnerabilities/20175 XForce ISS Database: mplayer-rtsp-stream-bo(20171) https://exchange.xforce.ibmcloud.com/vulnerabilities/20171
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.