FreeBSD Local Security Checks : FreeBSD Ports: mpg123, mpg123-nas, mpg123-esound

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.52396

Category: FreeBSD Local Security Checks

Title: FreeBSD Ports: mpg123, mpg123-nas, mpg123-esound

Summary: FreeBSD Ports: mpg123, mpg123-nas, mpg123-esound

Description: The remote host is missing an update to the system
as announced in the referenced advisory.

The following packages are affected:
mpg123
mpg123-nas
mpg123-esound

CVE-2004-0805
Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s
allows remote attackers to execute arbitrary code via a certain (1)
mp3 or (2) mp2 file.

Solution:
Update your system with the appropriate patches or
software upgrades.

http://www.alighieri.org/advisories/advisory-mpg123.txt
http://www.vuxml.org/freebsd/15e0e963-02ed-11d9-a209-00061bc2ad93.html

Cross-Ref: BugTraq ID: 11121
Common Vulnerability Exposure (CVE) ID: CVE-2004-0805
Bugtraq: 20040916 mpg123 buffer overflow vulnerability (Google Search)
http://www.securityfocus.com/archive/1/374433
http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html
http://www.alighieri.org/advisories/advisory-mpg123.txt
Debian Security Information: DSA-564 (Google Search)
http://www.debian.org/security/2004/dsa-564
http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100
http://www.securityfocus.com/bid/
XForce ISS Database: mpg123-layer2c-bo(17287)
http://xforce.iss.net/xforce/xfdb/17287

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.52396
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: mpg123, mpg123-nas, mpg123-esound
Summary:	FreeBSD Ports: mpg123, mpg123-nas, mpg123-esound
Description:	The remote host is missing an update to the system as announced in the referenced advisory. The following packages are affected: mpg123 mpg123-nas mpg123-esound CVE-2004-0805 Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file. Solution: Update your system with the appropriate patches or software upgrades. http://www.alighieri.org/advisories/advisory-mpg123.txt http://www.vuxml.org/freebsd/15e0e963-02ed-11d9-a209-00061bc2ad93.html
Cross-Ref:	BugTraq ID: 11121 Common Vulnerability Exposure (CVE) ID: CVE-2004-0805 Bugtraq: 20040916 mpg123 buffer overflow vulnerability (Google Search) http://www.securityfocus.com/archive/1/374433 http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html http://www.alighieri.org/advisories/advisory-mpg123.txt Debian Security Information: DSA-564 (Google Search) http://www.debian.org/security/2004/dsa-564 http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100 http://www.securityfocus.com/bid/ XForce ISS Database: mpg123-layer2c-bo(17287) http://xforce.iss.net/xforce/xfdb/17287
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com