 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.831395 |
| Category: | Mandrake Local Security Checks |
| Title: | Mandriva Update for libmodplug MDVSA-2011:085 (libmodplug) |
| Summary: | The remote host is missing an update for the 'libmodplug'; package(s) announced via the referenced advisory. |
| Description: | Summary: The remote host is missing an update for the 'libmodplug' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been found and corrected in libmodplug: Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file (CVE-2011-1574). Packages for 2009.0 are provided as of the Extended Maintenance Program. The updated packages have been patched to correct this issue. Affected Software/OS: libmodplug on Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-1574 1025480 http://securitytracker.com/id?1025480 44870 http://secunia.com/advisories/44870 48434 http://secunia.com/advisories/48434 8243 http://securityreason.com/securityalert/8243 DSA-2226 http://www.debian.org/security/2011/dsa-2226 GLSA-201203-16 http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml MDVSA-2011:085 http://www.mandriva.com/security/advisories?name=MDVSA-2011:085 RHSA-2011:0477 https://rhn.redhat.com/errata/RHSA-2011-0477.html USN-1148-1 https://www.ubuntu.com/usn/USN-1148-1/ [oss-security] 20110411 CVE request for libmodplug http://openwall.com/lists/oss-security/2011/04/11/6 [oss-security] 20110411 Re: CVE request for libmodplug http://openwall.com/lists/oss-security/2011/04/11/13 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091 http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commit%3Bh=aecef259828a89bb00c2e6f78e89de7363b2237b https://bugzilla.redhat.com/show_bug.cgi?id=695420 https://www.sec-consult.com/files/20110407-0_libmodplug_stackoverflow.txt |
| Copyright | Copyright (C) 2011 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |