Test Kennung:	1.3.6.1.4.1.25623.1.0.880621
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for mikmod CESA-2010:0720 centos5 i386
Zusammenfassung:	The remote host is missing an update for the 'mikmod'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'mikmod' package(s) announced via the referenced advisory. Vulnerability Insight: MikMod is a MOD music file player for Linux, UNIX, and similar operating systems. It supports various file formats including MOD, STM, S3M, MTM, XM, ULT, and IT. Multiple input validation flaws, resulting in buffer overflows, were discovered in MikMod. Specially-crafted music files in various formats could, when played, cause an application using the MikMod library to crash or, potentially, execute arbitrary code. (CVE-2009-3995, CVE-2009-3996, CVE-2007-6720) All MikMod users should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using the MikMod library must be restarted for this update to take effect. Affected Software/OS: mikmod on CentOS 5 Solution: Please install the updated packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-6720 BugTraq ID: 33235 http://www.securityfocus.com/bid/33235 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01305.html https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01312.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461519 http://openwall.com/lists/oss-security/2009/01/13/2 http://secunia.com/advisories/34259 SuSE Security Announcement: SUSE-SR:2009:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html Common Vulnerability Exposure (CVE) ID: CVE-2009-3995 BugTraq ID: 37374 http://www.securityfocus.com/bid/37374 Bugtraq: 20091217 Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows (Google Search) http://www.securityfocus.com/archive/1/508527/100/0/threaded Bugtraq: 20091217 Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/508526/100/0/threaded http://www.mandriva.com/security/advisories?name=MDVSA-2010:151 http://secunia.com/secunia_research/2009-52/ http://secunia.com/secunia_research/2009-53/ http://secunia.com/secunia_research/2009-55/ http://secunia.com/advisories/37495 http://secunia.com/advisories/40799 SuSE Security Announcement: SUSE-SR:2010:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html http://www.vupen.com/english/advisories/2009/3575 http://www.vupen.com/english/advisories/2010/1107 http://www.vupen.com/english/advisories/2010/1957 Common Vulnerability Exposure (CVE) ID: CVE-2009-3996 Bugtraq: 20091217 Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/508528/100/0/threaded http://secunia.com/secunia_research/2009-56/
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.