BugTraq
[PLSN-0003] - Remote exploits in MPlayer Apr 21 2005 08:50PM
Peachtree Linux Security Team (security peachtree burdell org)
------------------------------------------------------------------------
---
Peachtree Linux Security Notice PLSN-0003
April 20, 2005

Remote buffer overflow and possible code execution in mplayer
http://www.mplayerhq.hu/homepage/design7/news.html#vuln10
http://www.mplayerhq.hu/homepage/design7/news.html#vuln11
------------------------------------------------------------------------
---

The following Peachtree Linux releases are affected:

Peachtre Linux release 1 ("Atlanta")

Description:

http://www.mplayerhq.hu/homepage/design7/news.html#vuln10:
A buffer overflow vulnerability exists in the RTSP stream module,
which could allow a malicious RealMedia server to execute arbitrary
code.

http://www.mplayerhq.hu/homepage/design7/news.html#vuln11:
A buffer overflow vulnerability exists in the MMST stream module,
which could allow malicious servers of MMS or TCP streams to execute
arbitrary code.

Packages:

alpha
MPlayer did not ship in rel1 for Alpha. Alpha is not affected by this
vulnerability, and therefore no update is provided.

i386
4e71851034e4263a12f9000bdc3c461e mplayer-1.0pre7.i686.dist

ppc
901e0de5cc04cdddf94ff1cad9521776 mplayer-1.0pre7.ppc.dist

Solution:

Download the appropriate package for your release of Peachtree Linux.
Upgrade your system to the new package:

distadd -u packagename

Where package name is the name of the package file from the list above.

--
Peachtree Linux Security Team
http://peachtree.burdell.org/

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus