Test ID:	1.3.6.1.4.1.25623.1.0.70092
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2011:1264
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2011:1264. The gstreamer-plugins packages contain plug-ins used by the GStreamer streaming-media framework to support a wide variety of media formats. An integer overflow flaw, a boundary error, and multiple off-by-one flaws were found in various ModPlug music file format library (libmodplug) modules, embedded in GStreamer. An attacker could create specially-crafted music files that, when played by a victim, would cause applications using GStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915) All users of gstreamer-plugins are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, all applications using GStreamer (such as Rhythmbox) must be restarted for the changes to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2011-1264.html Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2911 45131 http://secunia.com/advisories/45131 45658 http://secunia.com/advisories/45658 45742 http://secunia.com/advisories/45742 45901 http://secunia.com/advisories/45901 46032 http://secunia.com/advisories/46032 46043 http://secunia.com/advisories/46043 46793 http://secunia.com/advisories/46793 48058 http://secunia.com/advisories/48058 48434 http://secunia.com/advisories/48434 48439 http://secunia.com/advisories/48439 48979 http://www.securityfocus.com/bid/48979 74208 http://www.osvdb.org/74208 DSA-2415 http://www.debian.org/security/2012/dsa-2415 FEDORA-2011-10503 http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html FEDORA-2011-12370 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html GLSA-201203-14 http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml GLSA-201203-16 http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml RHSA-2011:1264 http://rhn.redhat.com/errata/RHSA-2011-1264.html USN-1255-1 http://ubuntu.com/usn/usn-1255-1 [oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 http://www.openwall.com/lists/oss-security/2011/08/10/4 [oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 http://www.openwall.com/lists/oss-security/2011/08/12/4 http://jira.atheme.org/browse/AUDPLUG-394 http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=2d4c56de314ab13e4437bd8b609f0b751066eee8 http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/ libmodplug-wav-bo(68983) https://exchange.xforce.ibmcloud.com/vulnerabilities/68983 openSUSE-SU-2011:0943 http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html Common Vulnerability Exposure (CVE) ID: CVE-2011-2912 74209 http://www.osvdb.org/74209 http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=f4e5295658fff000379caa122e75c9200205fe20 libmodplug-s3m-bo(68984) https://exchange.xforce.ibmcloud.com/vulnerabilities/68984 Common Vulnerability Exposure (CVE) ID: CVE-2011-2913 74210 http://www.osvdb.org/74210 http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef libmodplug-ams-code-execution(68985) https://exchange.xforce.ibmcloud.com/vulnerabilities/68985 Common Vulnerability Exposure (CVE) ID: CVE-2011-2914 74211 http://www.osvdb.org/74211 libmodplug-dsm-code-execution(68986) Common Vulnerability Exposure (CVE) ID: CVE-2011-2915 http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=16d7a78efe14d345a6c5b241f88422ad0ee483ea libmodplug-csoundfile-code-exec(68987) https://exchange.xforce.ibmcloud.com/vulnerabilities/68987
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.