[gentoo-announce] [ GLSA 200411-14 ] Kaffeine, gxine: Remotely exploitable buffer overflow - gentoo-announce

From:	Luke Macken <lewk@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××.com, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200411-14 ] Kaffeine, gxine: Remotely exploitable buffer overflow
Date:	Sun, 07 Nov 2004 19:24:20
Message-Id:	`1099855366.13633.11.camel@tomservo.rh.rit.edu`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                        GLSA 200411-14:01

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

  Severity: Normal

8

     Title: Kaffeine, gxine: Remotely exploitable buffer overflow

9

      Date: November 07, 2004

10

      Bugs: #69663, #70055

11

        ID: 200411-14:01

12

13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

14

15

Synopsis

16

========

17

18

Kaffeine and gxine both contain a buffer overflow that can be exploited

19

when accessing content from a malicious HTTP server with specially

20

crafted headers.

21

22

Background

23

==========

24

25

Kaffeine and gxine are graphical front-ends for xine-lib multimedia

26

library.

27

28

Affected packages

29

=================

30

31

    -------------------------------------------------------------------

32

     Package               /   Vulnerable   /               Unaffected

33

    -------------------------------------------------------------------

34

  1  media-video/kaffeine     < 0.5_rc1-r1               >= 0.5_rc1-r1

35

                                                         *>= 0.4.3b-r1

36

  2  media-video/gxine         < 0.3.3-r1                  >= 0.3.3-r1

37

    -------------------------------------------------------------------

38

     2 affected packages on all of their supported architectures.

39

    -------------------------------------------------------------------

40

41

Description

42

===========

43

44

KF of Secure Network Operations has discovered an overflow that occurs

45

during the Content-Type header processing of Kaffeine. The vulnerable

46

code in Kaffeine is reused from gxine, making gxine vulnerable as well.

47

48

Impact

49

======

50

51

An attacker could create a specially-crafted Content-type header from a

52

malicious HTTP server, and crash a user's instance of Kaffeine or

53

gxine, potentially allowing the execution of arbitrary code.

54

55

Workaround

56

==========

57

58

There is no known workaround at this time.

59

60

Resolution

61

==========

62

63

All Kaffeine users should upgrade to the latest version:

64

65

    # emerge --sync

66

    # emerge --ask --oneshot --verbose ">=media-video/kaffeine-0.4.3b-r1"

67

68

All gxine users should upgrade to the latest version:

69

70

    # emerge --sync

71

    # emerge --ask --oneshot --verbose ">=media-video/gxine-0.3.3-r1"

72

73

References

74

==========

75

76

  [ 1 ] SecurityTracker Advisory

77

        http://securitytracker.com/alerts/2004/Oct/1011936.html

78

  [ 2 ] gxine Bug Report

79

        http://sourceforge.net/tracker/index.php?func=detail&aid=1060299&group_id=9655&atid=109655

80

81

Availability

82

============

83

84

This GLSA and any updates to it are available for viewing at

85

the Gentoo Security Website:

86

87

  http://security.gentoo.org/glsa/glsa-200411-14.xml

88

89

Concerns?

90

=========

91

92

Security is a primary focus of Gentoo Linux and ensuring the

93

confidentiality and security of our users machines is of utmost

94

importance to us. Any security concerns should be addressed to

95

security@g.o or alternatively, you may file a bug at

96

http://bugs.gentoo.org.

97

98

License

99

=======

100

101

Copyright 2004 Gentoo Foundation, Inc; referenced text

102

belongs to its owner(s).

103

104

The contents of this document are licensed under the

105

Creative Commons - Attribution / Share Alike license.

106

107

http://creativecommons.org/licenses/by-sa/1.0

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 200411-14:01
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: Kaffeine, gxine: Remotely exploitable buffer overflow
9	Date: November 07, 2004
10	Bugs: #69663, #70055
11	ID: 200411-14:01
12
13	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15	Synopsis
16	========
17
18	Kaffeine and gxine both contain a buffer overflow that can be exploited
19	when accessing content from a malicious HTTP server with specially
20	crafted headers.
21
22	Background
23	==========
24
25	Kaffeine and gxine are graphical front-ends for xine-lib multimedia
26	library.
27
28	Affected packages
29	=================
30
31	-------------------------------------------------------------------
32	Package / Vulnerable / Unaffected
33	-------------------------------------------------------------------
34	1 media-video/kaffeine < 0.5_rc1-r1 >= 0.5_rc1-r1
35	*>= 0.4.3b-r1
36	2 media-video/gxine < 0.3.3-r1 >= 0.3.3-r1
37	-------------------------------------------------------------------
38	2 affected packages on all of their supported architectures.
39	-------------------------------------------------------------------
40
41	Description
42	===========
43
44	KF of Secure Network Operations has discovered an overflow that occurs
45	during the Content-Type header processing of Kaffeine. The vulnerable
46	code in Kaffeine is reused from gxine, making gxine vulnerable as well.
47
48	Impact
49	======
50
51	An attacker could create a specially-crafted Content-type header from a
52	malicious HTTP server, and crash a user's instance of Kaffeine or
53	gxine, potentially allowing the execution of arbitrary code.
54
55	Workaround
56	==========
57
58	There is no known workaround at this time.
59
60	Resolution
61	==========
62
63	All Kaffeine users should upgrade to the latest version:
64
65	# emerge --sync
66	# emerge --ask --oneshot --verbose ">=media-video/kaffeine-0.4.3b-r1"
67
68	All gxine users should upgrade to the latest version:
69
70	# emerge --sync
71	# emerge --ask --oneshot --verbose ">=media-video/gxine-0.3.3-r1"
72
73	References
74	==========
75
76	[ 1 ] SecurityTracker Advisory
77	http://securitytracker.com/alerts/2004/Oct/1011936.html
78	[ 2 ] gxine Bug Report
79	http://sourceforge.net/tracker/index.php?func=detail&aid=1060299&group_id=9655&atid=109655
80
81	Availability
82	============
83
84	This GLSA and any updates to it are available for viewing at
85	the Gentoo Security Website:
86
87	http://security.gentoo.org/glsa/glsa-200411-14.xml
88
89	Concerns?
90	=========
91
92	Security is a primary focus of Gentoo Linux and ensuring the
93	confidentiality and security of our users machines is of utmost
94	importance to us. Any security concerns should be addressed to
95	security@g.o or alternatively, you may file a bug at
96	http://bugs.gentoo.org.
97
98	License
99	=======
100
101	Copyright 2004 Gentoo Foundation, Inc; referenced text
102	belongs to its owner(s).
103
104	The contents of this document are licensed under the
105	Creative Commons - Attribution / Share Alike license.
106
107	http://creativecommons.org/licenses/by-sa/1.0