Test ID:	1.3.6.1.4.1.25623.1.0.59209
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-521-1 (libmodplug)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to libmodplug announced via advisory USN-521-1. A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Details follow: Luigi Auriemma discovered that libmodplug did not properly sanitize its input. A specially crafted AMF file could be used to exploit this situation to cause buffer overflows and possibly execute arbitrary code as the user. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libmodplug0c2 1:0.7-5ubuntu0.6.06.1 Ubuntu 6.10: libmodplug0c2 1:0.7-5ubuntu0.6.10.1 In general, a standard system upgrade is sufficient to affect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-521-1 Risk factor : High CVSS Score: 5.1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4192 BugTraq ID: 19448 http://www.securityfocus.com/bid/19448 Bugtraq: 20060809 Stack and heap overflows in MODPlug Tracker/OpenMPT 1.17.02.43 and libmodplug 0.8 (Google Search) http://www.securityfocus.com/archive/1/442721/100/100/threaded http://security.gentoo.org/glsa/glsa-200612-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:001 http://aluigi.altervista.org/adv/mptho-adv.txt RedHat Security Advisories: RHSA-2011:0477 https://rhn.redhat.com/errata/RHSA-2011-0477.html http://secunia.com/advisories/21418 http://secunia.com/advisories/22080 http://secunia.com/advisories/22658 http://secunia.com/advisories/23294 http://secunia.com/advisories/23555 http://secunia.com/advisories/26979 http://securityreason.com/securityalert/1397 SuSE Security Announcement: SUSE-SR:2006:023 (Google Search) http://www.novell.com/linux/security/advisories/2006_23_sr.html http://www.ubuntu.com/usn/usn-521-1 http://www.vupen.com/english/advisories/2006/3231 http://www.vupen.com/english/advisories/2006/4310 XForce ISS Database: openmpt-loadit-bo(28305) https://exchange.xforce.ibmcloud.com/vulnerabilities/28305 XForce ISS Database: openmpt-readsample-bo(28309) https://exchange.xforce.ibmcloud.com/vulnerabilities/28309
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.