Test ID:	1.3.6.1.4.1.25623.1.0.67129
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-912-1 (audiofile)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to audiofile announced via advisory USN-912-1. Details follow: It was discovered that Audio File Library contained a heap-based buffer overflow. If a user or automated system processed a crafted WAV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. The default compiler options for Ubuntu should reduce this vulnerability to a denial of service. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libaudiofile0 0.2.6-6ubuntu1.1 Ubuntu 8.04 LTS: libaudiofile0 0.2.6-7ubuntu1.8.04.1 Ubuntu 8.10: libaudiofile0 0.2.6-7ubuntu1.8.10.1 Ubuntu 9.04: libaudiofile0 0.2.6-7ubuntu1.9.04.1 Ubuntu 9.10: libaudiofile0 0.2.6-7ubuntu2.1 In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-912-1 Risk factor : High CVSS Score: 6.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5824 BugTraq ID: 33066 http://www.securityfocus.com/bid/33066 http://openwall.com/lists/oss-security/2008/12/30/1 http://secunia.com/advisories/33273 SuSE Security Announcement: SUSE-SR:2009:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html http://www.ubuntu.com/usn/USN-912-1 http://www.vupen.com/english/advisories/2009/0005
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.