The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


[PLSN-0003] - Remote exploits in MPlayer


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: Thu, 21 Apr 2005 16:50:13 -0400
From: Peachtree Linux Security Team <security@peachtree.burdell.org.>
To: [email protected]
Subject: [PLSN-0003] - Remote exploits in MPlayer
Message-ID: <20050421205013.GA20753@kevlar.burdell.org.>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
        protocol="application/pgp-signature"; boundary="lrZ03NoBR/3+SXJZ"
Content-Disposition: inline
User-Agent: Mutt/1.4.2.1i
X-Virus-Scanned: antivirus-gw at tyumen.ru


--lrZ03NoBR/3+SXJZ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

---------------------------------------------------------------------------
Peachtree Linux Security Notice PLSN-0003
April 20, 2005

Remote buffer overflow and possible code execution in mplayer
http://www.mplayerhq.hu/homepage/design7/news.html#vuln10
http://www.mplayerhq.hu/homepage/design7/news.html#vuln11
---------------------------------------------------------------------------

The following Peachtree Linux releases are affected:

   Peachtre Linux release 1 ("Atlanta")

Description:

   http://www.mplayerhq.hu/homepage/design7/news.html#vuln10:
   A buffer overflow vulnerability exists in the RTSP stream module,
   which could allow a malicious RealMedia server to execute arbitrary
   code.

   http://www.mplayerhq.hu/homepage/design7/news.html#vuln11:
   A buffer overflow vulnerability exists in the MMST stream module,
   which could allow malicious servers of MMS or TCP streams to execute
   arbitrary code.

Packages:

   alpha
      MPlayer did not ship in rel1 for Alpha.  Alpha is not affected by this
      vulnerability, and therefore no update is provided.

   i386
      4e71851034e4263a12f9000bdc3c461e  mplayer-1.0pre7.i686.dist

   ppc
      901e0de5cc04cdddf94ff1cad9521776  mplayer-1.0pre7.ppc.dist

Solution:

   Download the appropriate package for your release of Peachtree Linux.
   Upgrade your system to the new package:

      distadd -u packagename

   Where package name is the name of the package file from the list above.

--=20
Peachtree Linux Security Team
http://peachtree.burdell.org/

--lrZ03NoBR/3+SXJZ
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCaBIFnchtWYh7oqQRAtTDAJ4sttU2uVOxqi+QcuahLnwIQycZQQCfZ5E9
C0+Yy2yeCVArseGJfaXvtTw=
=QYGk
-----END PGP SIGNATURE-----

--lrZ03NoBR/3+SXJZ--


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру