FrSIRT - Mandriva Security Update Fixes Xine-lib Buffer Overflow Vulnerability / Exploit

French Security Incident Response Team

Français

English

Mandriva Security Update Fixes Xine-lib Buffer Overflow Vulnerability

Date de Publication : 2008-02-18 © FrSIRT.COM
Titre : Mandriva Security Update Fixes Xine-lib Buffer Overflow Vulnerability
Identifiant : FrSIRT/AVIS-2008-0575
CVE ID : CVE-2008-0486
Risque : Critique (4/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Une vulnérabilité a été identifiée dans Mandriva, elle pourrait être exploitée par des attaquants afin de causer un déni de service [...]

Solution

Installer les mises à jour :

Mandriva Linux 2007.1:
178998f3f0d0452e0c041f496ba03dc8 2007.1/i586/libxine1-1.1.4-6.7mdv2007.1.i586.rpm
c7f6f99a5fcb674e587081234dde21a7 2007.1/i586/libxine1-devel-1.1.4-6.7mdv2007.1.i586.rpm
678e9c99966c7edf7dd95e7c87305338 2007.1/i586/xine-aa-1.1.4-6.7mdv2007.1.i586.rpm
5aea25425105ca75d26ff8970ae02ad6 2007.1/i586/xine-arts-1.1.4-6.7mdv2007.1.i586.rpm
c25a7c127828f31add319f645ad55b86 2007.1/i586/xine-caca-1.1.4-6.7mdv2007.1.i586.rpm
eca85b0d9e6a79dfc58e6085315d1d32 2007.1/i586/xine-dxr3-1.1.4-6.7mdv2007.1.i586.rpm
a711b0278a16de79e905cb95b9121521 2007.1/i586/xine-esd-1.1.4-6.7mdv2007.1.i586.rpm
26a905e33cfe9aa422da1684f6c0019b 2007.1/i586/xine-flac-1.1.4-6.7mdv2007.1.i586.rpm
6634b2c97e4e96afeb540778ea42d522 2007.1/i586/xine-gnomevfs-1.1.4-6.7mdv2007.1.i586.rpm
9b5d2a1c1d29ffbcda4820e317151985 2007.1/i586/xine-image-1.1.4-6.7mdv2007.1.i586.rpm
f9085c7a5abbbdeda51b53b00bfdeb96 2007.1/i586/xine-jack-1.1.4-6.7mdv2007.1.i586.rpm
5e3c733e097c4d5405509a9b7bf09a9c 2007.1/i586/xine-plugins-1.1.4-6.7mdv2007.1.i586.rpm
6ae1f58bdc1e02a13dd53ad7098a39a2 2007.1/i586/xine-pulse-1.1.4-6.7mdv2007.1.i586.rpm
f8d91cc3e12d683f508cc4a972375227 2007.1/i586/xine-sdl-1.1.4-6.7mdv2007.1.i586.rpm
8cfb3b489466b2d75513a88982939605 2007.1/i586/xine-smb-1.1.4-6.7mdv2007.1.i586.rpm
5dbeba8e5dc8dfc8f33c119a22c9216a 2007.1/SRPMS/xine-lib-1.1.4-6.7mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
5d087d041ce6f601bd126ad7cbeaf885 2007.1/x86_64/lib64xine1-1.1.4-6.7mdv2007.1.x86_64.rpm
b3039816dd8675c3b7a53fbd02d7985a 2007.1/x86_64/lib64xine1-devel-1.1.4-6.7mdv2007.1.x86_64.rpm
abeba0838384ef6db0fdcf9daa73b72a 2007.1/x86_64/xine-aa-1.1.4-6.7mdv2007.1.x86_64.rpm
49ac0466be942b411c8f09fa7b3252f4 2007.1/x86_64/xine-arts-1.1.4-6.7mdv2007.1.x86_64.rpm
94b5fece762703f3ce7e9c8a698d0d38 2007.1/x86_64/xine-caca-1.1.4-6.7mdv2007.1.x86_64.rpm
28983abc5e237d5299ce5339c4c55de3 2007.1/x86_64/xine-dxr3-1.1.4-6.7mdv2007.1.x86_64.rpm
efabb6cc2b4354b9642ee9509ac85529 2007.1/x86_64/xine-esd-1.1.4-6.7mdv2007.1.x86_64.rpm
a1ba6ef73175029d9bff30c18c8da03c 2007.1/x86_64/xine-flac-1.1.4-6.7mdv2007.1.x86_64.rpm
c0339fe8b0b7088c00f57c5825dede60 2007.1/x86_64/xine-gnomevfs-1.1.4-6.7mdv2007.1.x86_64.rpm
1f75876e108d4a3fd395dc6200c29247 2007.1/x86_64/xine-image-1.1.4-6.7mdv2007.1.x86_64.rpm
2726efd011a6bc8e4a93f58c932d94ff 2007.1/x86_64/xine-jack-1.1.4-6.7mdv2007.1.x86_64.rpm
d77a456b2693aaa123af5d3623b1ce0c 2007.1/x86_64/xine-plugins-1.1.4-6.7mdv2007.1.x86_64.rpm
63558627e698b8b4fd959ebb804bdf7d 2007.1/x86_64/xine-pulse-1.1.4-6.7mdv2007.1.x86_64.rpm
de93098e4bacad485dc7640172ee6e84 2007.1/x86_64/xine-sdl-1.1.4-6.7mdv2007.1.x86_64.rpm
048058ec44c6359e9fc453c2d1cc9a4d 2007.1/x86_64/xine-smb-1.1.4-6.7mdv2007.1.x86_64.rpm
5dbeba8e5dc8dfc8f33c119a22c9216a 2007.1/SRPMS/xine-lib-1.1.4-6.7mdv2007.1.src.rpm

Mandriva Linux 2008.0:
de0ab0de5c9982a78f610ac25a112287 2008.0/i586/libxine-devel-1.1.8-4.5mdv2008.0.i586.rpm
d19aa7c095f817f4329607aa42fee17e 2008.0/i586/libxine1-1.1.8-4.5mdv2008.0.i586.rpm
3f19ea43ab25102df874527ee87d678e 2008.0/i586/xine-aa-1.1.8-4.5mdv2008.0.i586.rpm
19ef41664e46e2942de9e53a9c2e0501 2008.0/i586/xine-caca-1.1.8-4.5mdv2008.0.i586.rpm
4b0481b2a6b94e70604a1d20e6114506 2008.0/i586/xine-dxr3-1.1.8-4.5mdv2008.0.i586.rpm
f0c3cf715c42f89ad554305c781fb540 2008.0/i586/xine-esd-1.1.8-4.5mdv2008.0.i586.rpm
7b17ea27ddf9ae0aa6bbfe6e2e77d5bf 2008.0/i586/xine-flac-1.1.8-4.5mdv2008.0.i586.rpm
18c86fe493f6669d606ab61bd1d175e4 2008.0/i586/xine-gnomevfs-1.1.8-4.5mdv2008.0.i586.rpm
19320b5d160c734e277c47df7fd20ef7 2008.0/i586/xine-image-1.1.8-4.5mdv2008.0.i586.rpm
bd215036c6a7c8bde6f417524dd3ceda 2008.0/i586/xine-jack-1.1.8-4.5mdv2008.0.i586.rpm
1266dbb2810d66306f4d92190f523ba2 2008.0/i586/xine-plugins-1.1.8-4.5mdv2008.0.i586.rpm
6b035b6038ad0930aa9acc688f9865b3 2008.0/i586/xine-pulse-1.1.8-4.5mdv2008.0.i586.rpm
2c46f3c1877198063d52454fd6b63ac2 2008.0/i586/xine-sdl-1.1.8-4.5mdv2008.0.i586.rpm
ab4d3d4caca7d173788554878884ce87 2008.0/i586/xine-smb-1.1.8-4.5mdv2008.0.i586.rpm
e5f0cb9b2566282ba0b41925af139998 2008.0/SRPMS/xine-lib-1.1.8-4.5mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
107a63ccbace08da5186649f3eac5bd9 2008.0/x86_64/lib64xine-devel-1.1.8-4.5mdv2008.0.x86_64.rpm
9d95d192b4be04ace9d818c67133fcff 2008.0/x86_64/lib64xine1-1.1.8-4.5mdv2008.0.x86_64.rpm
63eea92672429c96183b0565e6b1a198 2008.0/x86_64/xine-aa-1.1.8-4.5mdv2008.0.x86_64.rpm
671da88b33fe1124860604e4e680f071 2008.0/x86_64/xine-caca-1.1.8-4.5mdv2008.0.x86_64.rpm
f88a405b6443e1074651339f48a85827 2008.0/x86_64/xine-dxr3-1.1.8-4.5mdv2008.0.x86_64.rpm
3173feb9a5079fd109f58af244d8f505 2008.0/x86_64/xine-esd-1.1.8-4.5mdv2008.0.x86_64.rpm
8d7e3712b016a86816df2a412876b3f4 2008.0/x86_64/xine-flac-1.1.8-4.5mdv2008.0.x86_64.rpm
646ddb89d4e98caf09fd190dd97f1a0b 2008.0/x86_64/xine-gnomevfs-1.1.8-4.5mdv2008.0.x86_64.rpm
71f6065a2bb2d8f80544d823da0418df 2008.0/x86_64/xine-image-1.1.8-4.5mdv2008.0.x86_64.rpm
46c733f0759a53cdf6acb7b526e5fdbf 2008.0/x86_64/xine-jack-1.1.8-4.5mdv2008.0.x86_64.rpm
aaf50def0e0fda34895b8b618c552c0b 2008.0/x86_64/xine-plugins-1.1.8-4.5mdv2008.0.x86_64.rpm
d3458757334d52da98ace5715a324aa1 2008.0/x86_64/xine-pulse-1.1.8-4.5mdv2008.0.x86_64.rpm
e5bc9c60737c1c2237a1e04f6a5e1112 2008.0/x86_64/xine-sdl-1.1.8-4.5mdv2008.0.x86_64.rpm
de7dfc36dd7089287cd650fbb765e76f 2008.0/x86_64/xine-smb-1.1.8-4.5mdv2008.0.x86_64.rpm
e5f0cb9b2566282ba0b41925af139998 2008.0/SRPMS/xine-lib-1.1.8-4.5mdv2008.0.src.rpm

Historique

2008-02-18 : Version Initiale
2008-02-21 : MaJ Solution

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	IBM Lotus Quickr Denial of Service Vulnerabilities
	IBM Tivoli Netcool/Webtop Multiple Security Bypass Vulnerabilities
	IBM WebSphere Application Server Security Exposure Vulnerabilities
	IBM DB2 Universal Database Multiple Denial of Service
	IBM AIX "swcons" Insecure Permission Privilege Escalation Vulnerability
	IBM WebSphere Application Server Cross Site Scripting Vulnerability
	IBM DB2 CLR Stored Procedures Unspecified Vulnerability

	Sun Java System Web Proxy Server FTP Heap Overflow
	Sun Solaris ACL UFS File Systems Denial of Service Vulnerability
	Sun Solaris Text Editors Tag Files Local Code Execution Vulnerability
	Sun Management Center Remote Denial of Service Vulnerability
	Sun Solaris Bzip2 Archive Handling Denial of Service Vulnerability
	Sun Solaris GNU Tar Headers Handling Buffer Overflow Vulnerability
	Sun Solaris Covert Channel Local Security Bypass Vulnerability

	Cisco Unity Security Bypass and Denial of Service
	Cisco UCM SIP Remote Denial of Service
	Cisco IOS Denial of Service Vulnerabilities
	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability
	Cisco Products Remote DNS Cache Poisoning Vulnerability
	Cisco Wide Area Application Services CUPS Remote Vulnerability