1 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
2 |
Gentoo Linux Security Advisory GLSA 200403-13 |
3 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
4 |
http://security.gentoo.org |
5 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
6 |
|
7 |
Severity: High |
8 |
Title: Remote buffer overflow in MPlayer |
9 |
Date: March 31, 2004 |
10 |
Bugs: #46246 |
11 |
ID: 200403-13 |
12 |
|
13 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
14 |
|
15 |
Synopsis |
16 |
======== |
17 |
|
18 |
MPlayer contains a remotely exploitable buffer overflow in the HTTP |
19 |
parser that may allow attackers to run arbitrary code on a user's |
20 |
computer. |
21 |
|
22 |
Background |
23 |
========== |
24 |
|
25 |
Quote from http://mplayerhq.hu |
26 |
|
27 |
"MPlayer is a movie player for LINUX (runs on many other Unices, and |
28 |
non-x86 CPUs, see the documentation). It plays most MPEG, VOB, AVI, |
29 |
OGG/OGM, VIVO, ASF/WMA/WMV, QT/MOV/MP4, FLI, RM, NuppelVideo, YUV4MPEG, |
30 |
FILM, RoQ, PVA files, supported by many native, XAnim, and Win32 DLL |
31 |
codecs. You can watch VideoCD, SVCD, DVD, 3ivx, DivX 3/4/5 and even WMV |
32 |
movies, too." |
33 |
|
34 |
Affected packages |
35 |
================= |
36 |
|
37 |
------------------------------------------------------------------- |
38 |
Package/ Vulnerable / Unaffected |
39 |
------------------------------------------------------------------- |
40 |
mplayer <= 0.92 >= 0.92-r1 |
41 |
mplayer <= mplayer-1.0_pre2 >= mplayer-1.0_pre2-r1 |
42 |
mplayer <= mplayer-1.0_pre3 >= mplayer-1.0_pre3-r3 |
43 |
|
44 |
Description |
45 |
=========== |
46 |
|
47 |
A vulnerability exists in the MPlayer HTTP parser which may allow an |
48 |
attacker to craft a special HTTP header ("Location:") which will trick |
49 |
MPlayer into executing arbitrary code on the user's computer. |
50 |
|
51 |
Impact |
52 |
====== |
53 |
|
54 |
An attacker without privileges may exploit this vulnerability remotely, |
55 |
allowing arbitrary code to be executed in order to gain unauthorized |
56 |
access. |
57 |
|
58 |
Workaround |
59 |
========== |
60 |
|
61 |
A workaround is not currently known for this issue. All users are |
62 |
advised to upgrade to the latest version of the affected package. |
63 |
|
64 |
Resolution |
65 |
========== |
66 |
|
67 |
MPlayer may be upgraded as follows: |
68 |
|
69 |
x86 and sparc: |
70 |
|
71 |
# emerge sync |
72 |
|
73 |
# emerge -pv ">=media-video/mplayer-0.92-r1" |
74 |
# emerge ">=media-video/mplayer-0.92-r1" |
75 |
|
76 |
amd64: |
77 |
|
78 |
# emerge sync |
79 |
|
80 |
# emerge -pv ">=media-video/mplayer-1.0_pre2-r1" |
81 |
# emerge ">=media-video/mplayer-1.0_pre2-r1" |
82 |
|
83 |
ppc: |
84 |
|
85 |
# emerge sync |
86 |
|
87 |
# emerge -pv ">=media-video/mplayer-1.0_pre3-r2" |
88 |
# emerge ">=media-video/mplayer-1.0_pre3-r2" |
89 |
|
90 |
References |
91 |
========== |
92 |
|
93 |
[ 1 ] http://www.mplayerhq.hu/homepage/design6/news.html |
94 |
|
95 |
Concerns? |
96 |
========= |
97 |
|
98 |
Security is a primary focus of Gentoo Linux and ensuring the |
99 |
confidentiality and security of our users machines is of utmost |
100 |
importance to us. Any security concerns should be addressed to |
101 |
security@g.o or alternatively, you may file a bug at |
102 |
http://bugs.gentoo.org. |