mpg123 layer2.c buffer overflow
mpg123-layer2c-bo (17287)
Description:
mpg123 is vulnerable to a buffer overflow in the layer2.c file, caused by improper bounds checking of user-supplied input. By creating a specially crafted MP2 or MP3 file, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim once the malicious file is played.
Consequences:
Gain Access
Remedy:
For Gentoo Linux:
Upgrade to the latest version of mpg123 (0.59s-r4 or later), as listed in GLSA 200409-20. See References.
As a workaround, apply the unofficial patch for this vulnerability, as listed in Davide Del Vecchio Advisory #10. See References.
For Mandrake Linux:
Upgrade to the latest mpg123 package, as listed below. Refer to MandrakeSoft Security Advisory MDKSA-2004:100: mpg123 for more information. See References.
Mandrake Linux 9.2: 0.59r-21.1.92mdk or later
Mandrake Linux Corporate Server 2.1: 0.59r-21.1.C21mdk or later
Mandrake Linux 10.0: 0.59r-21.1.100mdk or later
For Debian GNU/Linux 3.0 (alias woody):
Upgrade to the latest mpg123 package (0.59r-13woody3 or later), as listed in DSA-564-1. See References.
For other distributions:
Contact your vendor for upgrade or patch information.
References:
- Davide Del Vecchio Advisory #10: mpg123-0.59r buffer overflow vulnerability.
- Full-Disclosure Mailing List, Mon Sep 06 2004 - 21:16:34 CDT: mpg123 buffer overflow vulnerability.
- mpg123 Web site: mpg123, Fast MP3 Player for Linux and UNIX systems.
- BID-11121: MPG123 Remote Stereo Boundary Buffer Overflow Vulnerability
- CVE-2004-0805: Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.
- DSA-564: mpg123 -- missing user input sanitising
- GLSA-200409-20: mpg123: Buffer overflow vulnerability
- MDKSA-2004:100: Updated mpg123 packages fix vulnerabilities
- SUSE-SA:2004:031: cups: remote code execution
Platforms Affected:
- Debian Debian Linux 3.0
- Gentoo Linux
- MandrakeSoft Mandrake Linux 10.0
- MandrakeSoft Mandrake Linux 10.0 AMD64
- MandrakeSoft Mandrake Linux 9.2 AMD64
- MandrakeSoft Mandrake Linux 9.2
- MandrakeSoft Mandrake Linux Corporate Server 2.1
- MandrakeSoft Mandrake Linux Corporate Server 2.1 X86_64
- mpg123 mpg123 0.59 s
- mpg123 mpg123 0.59 r
- SuSE Linux Enterprise Server 8
- SUSE SuSE Linux 8.1
- SUSE SuSE Linux 8.2
- SUSE SuSE Linux 9.0
- SUSE SuSE Linux 9.1
- SuSE SuSE Linux Desktop 1.0
Reported:
Sep 07, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
