Test ID:	1.3.6.1.4.1.25623.1.0.840404
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-912-1)
Summary:	The remote host is missing an update for the 'audiofile' package(s) announced via the USN-912-1 advisory.
Description:	Summary: The remote host is missing an update for the 'audiofile' package(s) announced via the USN-912-1 advisory. Vulnerability Insight: It was discovered that Audio File Library contained a heap-based buffer overflow. If a user or automated system processed a crafted WAV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. The default compiler options for Ubuntu should reduce this vulnerability to a denial of service. Affected Software/OS: 'audiofile' package(s) on Ubuntu 6.06, Ubuntu 8.04, Ubuntu 8.10, Ubuntu 9.04, Ubuntu 9.10. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5824 BugTraq ID: 33066 http://www.securityfocus.com/bid/33066 http://openwall.com/lists/oss-security/2008/12/30/1 http://secunia.com/advisories/33273 SuSE Security Announcement: SUSE-SR:2009:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html http://www.ubuntu.com/usn/USN-912-1 http://www.vupen.com/english/advisories/2009/0005
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.