Executive Summary
Summary | |
---|---|
Title | New libmodplug packages fix arbitrary code execution |
Informations | |||
---|---|---|---|
Name | DSA-1850 | First vendor Publication | 2009-08-04 |
Vendor | Debian | Last vendor Modification | 2009-08-04 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in libmodplug, the shared libraries for mod music based on ModPlug. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1438 It was discovered that libmodplug is prone to an integer overflow when processing a MED file with a crafted song comment or song name. CVE-2009-1513 It was discovered that libmodplug is prone to a buffer overflow in the PATinst function, when processing a long instrument name. For the stable distribution (lenny), these problems have been fixed in version 1:0.8.4-1+lenny1. For the oldstable distribution (etch), these problems have been fixed in version 1:0.7-5.2+etch1. For the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 1:0.8.7-1. We recommend that you upgrade your libmodplug packages. |
Original Source
Url : http://www.debian.org/security/2009/dsa-1850 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13400 | |||
Oval ID: | oval:org.mitre.oval:def:13400 | ||
Title: | USN-771-1 -- libmodplug vulnerabilities | ||
Description: | It was discovered that libmodplug did not correctly handle certain parameters when parsing MED media files. If a user or automated system were tricked into opening a crafted MED file, an attacker could execute arbitrary code with privileges of the user invoking the program. Manfred Tremmel and Stanislav Brabec discovered that libmodplug did not correctly handle long instrument names when parsing PAT sample files. If a user or automated system were tricked into opening a crafted PAT file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. This issue only affected Ubuntu 9.04 | ||
Family: | unix | Class: | patch |
Reference(s): | USN-771-1 CVE-2009-1438 CVE-2009-1513 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 9.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | libmodplug |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13584 | |||
Oval ID: | oval:org.mitre.oval:def:13584 | ||
Title: | DSA-1851-1 gst-plugins-bad0.10 -- integer overflow | ||
Description: | It was discovered that gst-plugins-bad0.10, the GStreamer plugins from the "bad" set, is prone to an integer overflow when processing a MED file with a crafted song comment or song name. For the stable distribution, this problem has been fixed in version 0.10.7-2+lenny2. For the oldstable distribution, this problem has been fixed in version 0.10.3-3.1+etch3. For the testing distribution and the unstable distribution , gst-plugins-bad0.10 links against libmodplug. We recommend that you upgrade your gst-plugins-bad0.10 packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1851-1 CVE-2009-1438 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | gst-plugins-bad0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8279 | |||
Oval ID: | oval:org.mitre.oval:def:8279 | ||
Title: | DSA-1851 gst-plugins-bad0.10 -- integer overflow | ||
Description: | It was discovered that gst-plugins-bad0.10, the GStreamer plugins from the "bad" set, is prone to an integer overflow when processing a MED file with a crafted song comment or song name. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1851 CVE-2009-1438 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | gst-plugins-bad0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8306 | |||
Oval ID: | oval:org.mitre.oval:def:8306 | ||
Title: | DSA-1850 libmodplug -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in libmodplug, the shared libraries for mod music based on ModPlug. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that libmodplug is prone to an integer overflow when processing a MED file with a crafted song comment or song name. It was discovered that libmodplug is prone to a buffer overflow in the PATinst function, when processing a long instrument name. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1850 CVE-2009-1438 CVE-2009-1513 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libmodplug |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:128-1 (libmodplug) File : nvt/mdksa_2009_128_1.nasl |
2009-08-17 | Name : Debian Security Advisory DSA 1850-1 (libmodplug) File : nvt/deb_1850_1.nasl |
2009-08-17 | Name : Debian Security Advisory DSA 1851-1 (gst-plugins-bad0.10) File : nvt/deb_1851_1.nasl |
2009-07-29 | Name : Gentoo Security Advisory GLSA 200907-07 (libmodplug gst-plugins-bad) File : nvt/glsa_200907_07.nasl |
2009-07-06 | Name : SuSE Security Summary SUSE-SR:2009:012 File : nvt/suse_sr_2009_012.nasl |
2009-06-09 | Name : Mandrake Security Advisory MDVSA-2009:128 (libmodplug) File : nvt/mdksa_2009_128.nasl |
2009-06-05 | Name : Ubuntu USN-771-1 (libmodplug) File : nvt/ubuntu_771_1.nasl |
2009-05-05 | Name : Fedora Core 9 FEDORA-2009-4064 (libmodplug) File : nvt/fcore_2009_4064.nasl |
2009-05-05 | Name : Fedora Core 10 FEDORA-2009-4068 (libmodplug) File : nvt/fcore_2009_4068.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
54109 | libmodplug src/load_pat.c PATinst() Function Overflow |
53801 | libmodplug src/load_med.cpp CSoundFile::ReadMed() Function MED File Handling ... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1850.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1851.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_gstreamer010-plugins-bad-6251.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_gstreamer-0_10-plugins-bad-090515.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_gstreamer-0_10-plugins-bad-090514.nasl - Type : ACT_GATHER_INFO |
2009-07-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200907-07.nasl - Type : ACT_GATHER_INFO |
2009-06-05 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-128.nasl - Type : ACT_GATHER_INFO |
2009-05-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-771-1.nasl - Type : ACT_GATHER_INFO |
2009-04-28 | Name : The remote Fedora host is missing a security update. File : fedora_2009-4064.nasl - Type : ACT_GATHER_INFO |
2009-04-28 | Name : The remote Fedora host is missing a security update. File : fedora_2009-4068.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:28:41 |
|