Executive Summary

Summary | |
---|---|
Title | mikmod security update |

Information | | | |
---|---|---|---|
Name | RHSA-2010:0720 | First vendor Publication | 2010-09-28 |
Vendor | RedHat | Last vendor Modification | 2010-09-28 |
Severity (Vendor) | Moderate | Revision | 02 |
Security-Database Scoring CVSS v3

Cvss vector : N/A | | | |
---|---|---|---|
Overall CVSS Score | NA | | |
Base Score | NA | Environmental Score | NA |
Impact Sub Score | NA | Temporal Score | NA |
Exploitability Sub Score | NA | | |
Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | | | |
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Exploit Score | 8.6 | Authentication | None Required |
Detail
Problem Description:

Updated mikmod packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

- RHEL Desktop Workstation (v. 5 client) - i386, x86_64
- Red Hat Desktop version 3 - i386, x86_64
- Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
- Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
- Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
- Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
- Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
- Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
- Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
- Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
- Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

MikMod is a MOD music file player for Linux, UNIX, and similar operating systems. It supports various file formats including MOD, STM, S3M, MTM, XM, ULT, and IT.

Multiple input validation flaws, resulting in buffer overflows, were discovered in MikMod. Specially-crafted music files in various formats could, when played, cause an application using the MikMod library to crash or, potentially, execute arbitrary code. (CVE-2009-3995, CVE-2009-3996, CVE-2007-6720)

All MikMod users should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using the MikMod library must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

- 479829 - CVE-2007-6720 mikmod: crash or abort when loading/playing multiple files with different number of channels
- 614643 - CVE-2009-3995 CVE-2009-3996 libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files
Original Source

Url : https://rhn.redhat.com/errata/RHSA-2010-0720.html
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11794 | | | |
---|---|---|---|
Oval ID: | oval:org.mitre.oval:def:11794 | | |
Title: | DSA-2071 libmikmod -- buffer overflows | | |
Description: | Dyon Balding discovered buffer overflows in the MikMod sound library, which could lead to the execution of arbitrary code if a user is tricked into opening malformed Impulse Tracker or Ultratracker sound files. | | |
Family: | unix | Class: | patch |
Reference(s): | DSA-2071, CVE-2009-3995, CVE-2009-3996 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | libmikmod |
Definition Synopsis: | | | |

Definition Id: oval:org.mitre.oval:def:12580 | | | |
---|---|---|---|
Oval ID: | oval:org.mitre.oval:def:12580 | | |
Title: | DSA-2081-1 libmikmod -- buffer overflow | | |
Description: | Tomas Hoger discovered that the upstream fix for CVE-2009-3995 was insufficient. This update provides a corrected package. For the stable distribution, this problem has been fixed in version 3.1.11-6.0.1+lenny1. For the unstable distribution, these problems have been fixed in version 3.1.11-6.3. We recommend that you upgrade your libmikmod packages. | | |
Family: | unix | Class: | patch |
Reference(s): | DSA-2081-1, CVE-2010-2546, CVE-2009-3995 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | libmikmod |
Definition Synopsis: | | | |

Definition Id: oval:org.mitre.oval:def:13301 | | | |
---|---|---|---|
Oval ID: | oval:org.mitre.oval:def:13301 | | |
Title: | DSA-2071-1 libmikmod -- buffer overflows | | |
Description: | Dyon Balding discovered buffer overflows in the MikMod sound library, which could lead to the execution of arbitrary code if a user is tricked into opening malformed Impulse Tracker or Ultratracker sound files. For the stable distribution, these problems have been fixed in version 3.1.11-6+lenny1. For the unstable distribution, these problems have been fixed in version 3.1.11-6.2. We recommend that you upgrade your libmikmod packages. | | |
Family: | unix | Class: | patch |
Reference(s): | DSA-2071-1, CVE-2009-3995, CVE-2009-3996 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | libmikmod |
Definition Synopsis: | | | |
Definition Id: oval:org.mitre.oval:def:13470 | | | |
---|---|---|---|
Oval ID: | oval:org.mitre.oval:def:13470 | | |
Title: | USN-995-1 -- libmikmod vulnerabilities | | |
Description: | It was discovered that libMikMod incorrectly handled songs with different channel counts. If a user were tricked into opening a crafted song file, an attacker could cause a denial of service. It was discovered that libMikMod incorrectly handled certain malformed XM files. If a user were tricked into opening a crafted XM file, an attacker could cause a denial of service. It was discovered that libMikMod incorrectly handled certain malformed Impulse Tracker files. If a user were tricked into opening a crafted Impulse Tracker file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libMikMod incorrectly handled certain malformed Ultratracker files. If a user were tricked into opening a crafted Ultratracker file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. | | |
Family: | unix | Class: | patch |
Reference(s): | USN-995-1, CVE-2007-6720, CVE-2009-0179, CVE-2009-3995, CVE-2010-2546, CVE-2010-2971, CVE-2009-3996 | Version: | 5 |
Platform(s): | Ubuntu 8.04, Ubuntu 9.04, Ubuntu 9.10 | Product(s): | libmikmod |
Definition Synopsis: | | | |

Definition Id: oval:org.mitre.oval:def:22080 | | | |
---|---|---|---|
Oval ID: | oval:org.mitre.oval:def:22080 | | |
Title: | RHSA-2010:0720: mikmod security update (Moderate) | | |
Description: | Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file. | | |
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0720-02, CESA-2010:0720, CVE-2007-6720, CVE-2009-3995, CVE-2009-3996 | Version: | 42 |
Platform(s): | Red Hat Enterprise Linux 3, Red Hat Enterprise Linux 5, CentOS Linux 5 | Product(s): | mikmod |
Definition Synopsis: | | | |

Definition Id: oval:org.mitre.oval:def:23114 | | | |
---|---|---|---|
Oval ID: | oval:org.mitre.oval:def:23114 | | |
Title: | ELSA-2010:0720: mikmod security update (Moderate) | | |
Description: | Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file. | | |
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0720-02, CVE-2007-6720, CVE-2009-3995, CVE-2009-3996 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | mikmod |
Definition Synopsis: | | | |

Definition Id: oval:org.mitre.oval:def:26230 | | | |
---|---|---|---|
Oval ID: | oval:org.mitre.oval:def:26230 | | |
Title: | Heap-based buffer overflow in IN_MOD.DLL in Winamp before 5.57 | | |
Description: | Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file. | | |
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3996 | Version: | 4 |
Platform(s): | Microsoft Windows 2000, Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Server 2008, Microsoft Windows 7, Microsoft Windows Server 2008 R2, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows 8.1, Microsoft Windows Server 2012 R2 | Product(s): | Winamp |
Definition Synopsis: | | | |

Definition Id: oval:org.mitre.oval:def:26432 | | | |
---|---|---|---|
Oval ID: | oval:org.mitre.oval:def:26432 | | |
Title: | Multiple heap-based buffer overflows in IN_MOD.DLL in Winamp before 5.57 | | |
Description: | Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information. | | |
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3995 | Version: | 5 |
Platform(s): | Microsoft Windows 2000, Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Server 2008, Microsoft Windows 7, Microsoft Windows Server 2008 R2, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows 8.1, Microsoft Windows Server 2012 R2 | Product(s): | Winamp |
Definition Synopsis: | | | |
OpenVAS Exploits

Date | Name | File |
---|---|---|
2011-08-09 | CentOS Update for mikmod CESA-2010:0720 centos5 i386 | nvt/gb_CESA-2010_0720_mikmod_centos5_i386.nasl |
2010-12-02 | Fedora Update for libmikmod FEDORA-2010-13673 | nvt/gb_fedora_2010_13673_libmikmod_fc14.nasl |
2010-10-01 | Ubuntu Update for libmikmod vulnerabilities USN-995-1 | nvt/gb_ubuntu_USN_995_1.nasl |
2010-10-01 | CentOS Update for mikmod CESA-2010:0720 centos3 i386 | nvt/gb_CESA-2010_0720_mikmod_centos3_i386.nasl |
2010-10-01 | CentOS Update for mikmod CESA-2010:0720 centos4 i386 | nvt/gb_CESA-2010_0720_mikmod_centos4_i386.nasl |
2010-10-01 | RedHat Update for mikmod RHSA-2010:0720-01 | nvt/gb_RHSA-2010_0720-01_mikmod.nasl |
2010-09-10 | Fedora Update for libmikmod FEDORA-2010-13702 | nvt/gb_fedora_2010_13702_libmikmod_fc13.nasl |
2010-08-21 | Debian Security Advisory DSA 2081-1 (libmikmod) | nvt/deb_2081_1.nasl |
2010-08-20 | Mandriva Update for libmikmod MDVSA-2010:151 (libmikmod) | nvt/gb_mandriva_MDVSA_2010_151.nasl |
2010-07-22 | Debian Security Advisory DSA 2071-1 (libmikmod) | nvt/deb_2071_1.nasl |
2009-12-23 | Winamp Module Decoder Plug-in Multiple Buffer Overflow Vulnerabilities | nvt/secpod_winamp_mult_bof_vuln_dec09.nasl |
2009-12-10 | Mandriva Security Advisory MDVSA-2009:272-1 (libmikmod) | nvt/mdksa_2009_272_1.nasl |
2009-10-19 | Mandrake Security Advisory MDVSA-2009:272 (libmikmod) | nvt/mdksa_2009_272.nasl |
2009-10-13 | SLES10: Security update for libmikmod | nvt/sles10_libmikmod.nasl |
2009-10-10 | SLES9: Security update for libmikmod | nvt/sles9p5043927.nasl |
2009-09-02 | Fedora Core 11 FEDORA-2009-9112 (libmikmod) | nvt/fcore_2009_9112.nasl |
2009-09-02 | Fedora Core 10 FEDORA-2009-9095 (libmikmod) | nvt/fcore_2009_9095.nasl |
2009-03-13 | SuSE Security Summary SUSE-SR:2009:006 | nvt/suse_sr_2009_006.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
62139 | Mikmod libmikmod load_ult.c Ultratracker File Handling Overflow |
62138 | Mikmod libmikmod load_it.c Impulse Tracker File Handling Overflow |
61184 | Winamp Module Decoder Plug-in Multiple File Handling Overflows |
53455 | libmikmod Playback Calculation Weakness MOD File Handling DoS |
Nessus® Vulnerability Scanner

Date | Name | File | Type |
---|---|---|---|
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2010-0720.nasl | ACT_GATHER_INFO |
2012-08-01 | The remote Scientific Linux host is missing one or more security updates. | sl_20100928_mikmod_on_SL3_x.nasl | ACT_GATHER_INFO |
2010-12-02 | The remote SuSE 11 host is missing one or more security updates. | suse_11_libmikmod-100422.nasl | ACT_GATHER_INFO |
2010-10-11 | The remote SuSE 10 host is missing a security-related patch. | suse_libmikmod-7004.nasl | ACT_GATHER_INFO |
2010-10-06 | The remote CentOS host is missing one or more security updates. | centos_RHSA-2010-0720.nasl | ACT_GATHER_INFO |
2010-10-06 | The remote Ubuntu host is missing one or more security-related patches. | ubuntu_USN-995-1.nasl | ACT_GATHER_INFO |
2010-10-06 | The remote Red Hat host is missing one or more security updates. | redhat-RHSA-2010-0720.nasl | ACT_GATHER_INFO |
2010-09-09 | The remote Fedora host is missing a security update. | fedora_2010-13702.nasl | ACT_GATHER_INFO |
2010-09-08 | The remote Fedora host is missing a security update. | fedora_2010-13673.nasl | ACT_GATHER_INFO |
2010-08-17 | The remote Mandriva Linux host is missing one or more security updates. | mandriva_MDVSA-2010-151.nasl | ACT_GATHER_INFO |
2010-08-03 | The remote Debian host is missing a security-related update. | debian_DSA-2081.nasl | ACT_GATHER_INFO |
2010-07-15 | The remote Debian host is missing a security-related update. | debian_DSA-2071.nasl | ACT_GATHER_INFO |
2010-05-05 | The remote openSUSE host is missing a security update. | suse_11_2_libmikmod-100422.nasl | ACT_GATHER_INFO |
2010-05-05 | The remote openSUSE host is missing a security update. | suse_11_0_libmikmod-100422.nasl | ACT_GATHER_INFO |
2010-05-05 | The remote openSUSE host is missing a security update. | suse_11_1_libmikmod-100422.nasl | ACT_GATHER_INFO |
2009-12-17 | The remote Windows host contains a multimedia application that is affected by... | winamp_557.nasl | ACT_GATHER_INFO |
2009-10-13 | The remote Mandriva Linux host is missing one or more security updates. | mandriva_MDVSA-2009-272.nasl | ACT_GATHER_INFO |
2009-09-24 | The remote SuSE 9 host is missing a security-related patch. | suse9_12359.nasl | ACT_GATHER_INFO |
2009-09-24 | The remote SuSE 10 host is missing a security-related patch. | suse_libmikmod-6034.nasl | ACT_GATHER_INFO |
2009-08-31 | The remote Fedora host is missing a security update. | fedora_2009-9112.nasl | ACT_GATHER_INFO |
2009-08-31 | The remote Fedora host is missing a security update. | fedora_2009-9095.nasl | ACT_GATHER_INFO |
2009-07-21 | The remote openSUSE host is missing a security update. | suse_11_1_libmikmod-090227.nasl | ACT_GATHER_INFO |
2009-07-21 | The remote openSUSE host is missing a security update. | suse_11_0_libmikmod-090227.nasl | ACT_GATHER_INFO |
2009-03-03 | The remote openSUSE host is missing a security update. | suse_libmikmod-6033.nasl | ACT_GATHER_INFO |
Alert History

Date | Information |
---|---|
2014-02-17 11:53:52 | |