ESB-2007.0227

Operating System:
[UNIX/Linux][Debian]
Published:
05 April 2007
Protect yourself against future threats.
//Service

Security Bulletins

Receive up to date and consistent security bulletins across a wide range of vendors, streamlining security patching.
Resources > Security Bulletins > ESB-2007.0227
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                   ESB-2007.0227 -- [UNIX/Linux][Debian]
              New XMMS packages fix arbitrary code execution
                               5 April 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              xmms
Publisher:            Debian
Operating System:     Debian GNU/Linux 3.1
                      UNIX variants (UNIX, Linux, OSX)
Impact:               Execute Arbitrary Code/Commands
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-0654 CVE-2007-0653

Original Bulletin:    http://www.debian.org/security/2007/dsa-1277

Comment: This advisory references vulnerabilities in products which run on
         platforms other than Debian. It is recommended that administrators
         running xmms check for an updated version of the software for
         their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1277-1                security@debian.org
http://www.debian.org/security/                         Noah Meyerhans
April 04, 2007
- - ------------------------------------------------------------------------

Package        : xmms
Vulnerability  : several
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2007-0654 CVE-2007-0653
BugTraq ID     : 23078
Debian Bug     : 416423

Multiple errors have been found in the skin handling routines in xmms,
the X Multimedia System.  These vulnerabilities could allow an
attacker to run arbitrary code as the user running xmms by inducing
the victim to load specially crafted interface skin files.

For the stable distribution (sarge), these problems have been fixed in
version 1.2.10+cvs20050209-2sarge1

For the upcoming stable distrubution (etch) and the unstable
distribution (sid), these problems have been fixed in versions
1:1.2.10+20061101-1etch1 and 1:1.2.10+20070401-1, respectively.

We recommend that you upgrade your xmms packages.

Upgrade instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian 3.1 (stable)
- - -------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1.diff.gz
    Size/MD5 checksum:   333600 8d25c5173ec7d94d0db9f92b418610ce
  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209.orig.tar.gz
    Size/MD5 checksum:  2796215 ec03ce185b2fd255d58ef5d2267024eb
  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1.dsc
    Size/MD5 checksum:     1065 d03e55ebe9c6a5ba2337d5f3542bc883

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_alpha.deb
    Size/MD5 checksum:  2700990 aa024afc093e8f415b19d783e39b81c0
  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_alpha.deb
    Size/MD5 checksum:    48766 5fd631196c28fd44df02ecf25ab9c676

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_amd64.deb
    Size/MD5 checksum:  2434966 5c10a5a20aa5329b1c120cef213ef164
  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_amd64.deb
    Size/MD5 checksum:    37810 06a82b2325505c9e30e4b7d9c6a17ffe

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_arm.deb
    Size/MD5 checksum:  2396722 fcead4025c4743996a4c307a003377df
  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_arm.deb
    Size/MD5 checksum:    35376 e4f630de7290d4141964cc6ae8758ac4

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_hppa.deb
    Size/MD5 checksum:  2585550 c73dd34f37131785adcf699e65b55ac3
  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_hppa.deb
    Size/MD5 checksum:    40834 90fe696e1dee1d694cd8148ac83a6b88

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_i386.deb
    Size/MD5 checksum:    33842 52fef7c2ef6a73f329d18b4df43ee6e5
  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_i386.deb
    Size/MD5 checksum:  2395578 c0a4c275b67ce3bc166128cd4c1fa747

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_ia64.deb
    Size/MD5 checksum:  2717624 e7d9b41eda0f4b32c3bba2c2dff15fc1
  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_ia64.deb
    Size/MD5 checksum:    48220 28fef757212bef0da7ed46bec7e76740

m68k architecture (Motorola Mc680x0)

  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_m68k.deb
    Size/MD5 checksum:  2315470 1a93ec2577d2a79b9b645003e1d22a03
  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_m68k.deb
    Size/MD5 checksum:    31624 30bd86c18e943f3a93a983a63c2c1fb7

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_mips.deb
    Size/MD5 checksum:  2412762 e340f997cfbbe0ef8ef50f78b5ec5d71
  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_mips.deb
    Size/MD5 checksum:    40580 698dfcf5c909de3a955f6337fb23e425

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_mipsel.deb
    Size/MD5 checksum:  2391432 b2ef3697588a72e735f5caa02593d1b7
  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_mipsel.deb
    Size/MD5 checksum:    40516 10443e075a1f4840d4de22f2dcfc355b

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_powerpc.deb
    Size/MD5 checksum:    36946 057d90024cae6e6a0fdfa2d0de666134
  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_powerpc.deb
    Size/MD5 checksum:  2487280 e0571a0993112c79d6751509e548193d

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_s390.deb
    Size/MD5 checksum:  2430886 2cc8a1371309b973c1f963a93fc58a80
  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_s390.deb
    Size/MD5 checksum:    37424 3e6eb798d0a7a6137fbb1ad1a961da75

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/x/xmms/xmms-dev_1.2.10+cvs20050209-2sarge1_sparc.deb
    Size/MD5 checksum:    34526 2e7e99b117f6c9ab83d9a8c0afc12f79
  http://security.debian.org/pool/updates/main/x/xmms/xmms_1.2.10+cvs20050209-2sarge1_sparc.deb
    Size/MD5 checksum:  2422962 9d5a5484287a3773e8f7a8f5bac4d29a


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGFCB0YrVLjBFATsMRAlUnAJ982xgAnPh05aTYs5FoAqCdRJeazQCffIP2
PXuuTTivH7wU3YxZ+xJzXY0=
=ttw5
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRhRNiCh9+71yA2DNAQLj2wQAmkY0wJc5AxTCyWMgBZN6kASsps3TC2Vi
+ftcM8GGN0jUH768wyKew5GjoCZUCJ79e2UakCON8to6kSZ7c7HzMrLVGBCTwnM8
968BwRHO12P7Yq4TcLF/OTbHoSKx7hhSfBCwGvSAG/VabGoHtBaMwxp0cEagj4AW
5ZBt2zsP/wA=
=rha4
-----END PGP SIGNATURE-----