English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 126339 CVE descriptions
and 74190 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:126
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : libtunepimp
 Date    : July 18, 2006
 Affected: 2006.0
 _______________________________________________________________________
 
 Problem Description:
 
 Kevin Kofler discovered multiple stack-based buffer overflows in the 
 LookupTRM::lookup function in libtunepimp 0.4.2 that allow remote 
 user-complicit attackers to cause a denial of service (application crash) 
 and possibly execute code via a long (1) Album release date 
 (MBE_ReleaseGetDate), (2) data, or (3) error strings.
 
 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 fdb516cf3dea20bf1d88fdbfd14c6d5c  2006.0/RPMS/libtunepimp2-0.3.0-3.2.20060mdk.i586.rpm
 5e10b7d6d6455c3b7be8a8cc21957f04  2006.0/RPMS/libtunepimp2-devel-0.3.0-3.2.20060mdk.i586.rpm
 3eb6321a88393a9614346a7104eba2b5  2006.0/RPMS/libtunepimp2-static-devel-0.3.0-3.2.20060mdk.i586.rpm
 5dbdeb4ee582712d8fc368d37b6a0174  2006.0/RPMS/libtunepimp2-utils-0.3.0-3.2.20060mdk.i586.rpm
 05b7eb248b94c2782ae877304bdc09d2  2006.0/SRPMS/libtunepimp-0.3.0-3.2.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 bce87a055a585ea8591cfefe5da6c6cb  x86_64/2006.0/RPMS/lib64tunepimp2-0.3.0-3.2.20060mdk.x86_64.rpm
 20a641a6086e7a752b4f52be49dc743a  x86_64/2006.0/RPMS/lib64tunepimp2-devel-0.3.0-3.2.20060mdk.x86_64.rpm
 14cb96ff49c1607c6ddc58c097bce42f  x86_64/2006.0/RPMS/lib64tunepimp2-static-devel-0.3.0-3.2.20060mdk.x86_64.rpm
 b8910c32850f889d310cc66d7c03f99e  x86_64/2006.0/RPMS/lib64tunepimp2-utils-0.3.0-3.2.20060mdk.x86_64.rpm
 05b7eb248b94c2782ae877304bdc09d2  x86_64/2006.0/SRPMS/libtunepimp-0.3.0-3.2.20060mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEvVOqmqjQ0CJFipgRAmT/AJwN6lZ2N9vVrCTCfeu+P4GCqYrvWACfbQWw
ymaorFMK/yxskvkYtm/e7XI=
=AIkB
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.