mpg321 mp3 file format string attack
| mpg321-mp3-format-string (14148) |  High Risk |
Description:
mpg321 is vulnerable to a format string attack. A remote attacker could create a specially-crafted mp3 file containing format strings that would cause arbitrary commands to be executed on the victim's system, once the malicious file is played.
Platforms Affected:
- Debian, Debian Linux 3.0
- Gentoo, Linux
- mpg321, mpg321 prior to 0.2.10.2
Remedy:
Upgrade to the latest version of mpg321 (0.2.10. or later), available from the mpg321 Web page. See References.
For Debian GNU/Linux 3.0 (woody):
Upgrade to the latest mpg321 package (0.2.10.2 or later), as listed in DSA-411-1. See References.
For other distributions:
Contact your vendor for upgrade or patch information.
Consequences:
Gain Access
References:
- mpg321 Web page, mpg321, a Free alternative to mpg123 at http://mpg321.sourceforge.net/.
- mpg321ChangeLog Web page, mpg321 (0.2.10) unstable; urgency=low at http://mpg321.sourceforge.net/changelog.
- BID-9364: mpg321 MP3 File Remote Format String Vulnerability
- CVE-2003-0969: mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.
- DSA-411: mpg321 -- format string vulnerability
- GLSA-200503-34: mpg321: Format string vulnerability
- OSVDB ID: 3331: mpg321 Remotely Exploitable
Reported:
Jan 05, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net