 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.59748 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Core 7 FEDORA-2007-1045 (flac123) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to flac123 announced via advisory FEDORA-2007-1045. flac123 is a command-line program for playing FLAC audio files FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC is similar to Ogg Vorbis, but lossless Update Information: Updates package to 0.0.11, which solves vorbis comment parsing buffer overflow ChangeLog: * Thu Jul 12 2007 Sindre Pedersen Bjørdal - 0.0.11-1 - Bump to 0.0.11, this fixes #246322 and adds flac 1.1.4 support - Remove flac 1.1.3 patch, it's not needed anymore References: [ 1 ] Bug #246322 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=246322 [ 2 ] CVE-2007-3507 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3507 Updated packages: 1dae8eeb808bd837bca04666d4f1bbd710608937 flac123-0.0.11-1.fc7.ppc64.rpm 95da67f83d6b77b368568025708ab649ece63bf1 flac123-debuginfo-0.0.11-1.fc7.ppc64.rpm 745a2ca63673a8563d9340ca15b4043c7c87b4aa flac123-0.0.11-1.fc7.i386.rpm 25f4366db9a61152b417dae87260d3f9bd61fb92 flac123-debuginfo-0.0.11-1.fc7.i386.rpm d00f9d354e8861c45446acbb6acba68a8a267f54 flac123-0.0.11-1.fc7.x86_64.rpm 0934fe136f3419a5c16599a4e3b66efad227c911 flac123-debuginfo-0.0.11-1.fc7.x86_64.rpm 728c32658be8c8c78eca71e52a439fbee1b44e5d flac123-0.0.11-1.fc7.ppc.rpm 6a147cf049add5deda79ea589cf5b615f7cf0c49 flac123-debuginfo-0.0.11-1.fc7.ppc.rpm 82e751e9652d9e8dc704c494de97142d0b76a4d8 flac123-0.0.11-1.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. Solution: Apply the appropriate updates. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-1045 Risk factor : Critical CVSS Score: 9.3 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-3507 BugTraq ID: 24712 http://www.securityfocus.com/bid/24712 Bugtraq: 20070629 flac123 0.0.9 - Stack overflow in comment parsing (Google Search) http://www.securityfocus.com/archive/1/472504/100/0/threaded http://security.gentoo.org/glsa/glsa-200709-06.xml http://www.isecpartners.com/advisories/2007-002-flactools.txt http://osvdb.org/40524 http://secunia.com/advisories/26827 http://securityreason.com/securityalert/2854 http://www.vupen.com/english/advisories/2007/2420 XForce ISS Database: flac123-vcentryparsevalue-bo(35175) https://exchange.xforce.ibmcloud.com/vulnerabilities/35175 |
| Copyright | Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |