-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2012.0197
                         libmodplug security update
                              22 February 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           libmodplug
Publisher:         Debian
Operating System:  Debian GNU/Linux 6
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2011-2915 CVE-2011-2914 CVE-2011-2913
                   CVE-2011-2912 CVE-2011-2911 CVE-2011-1761
Reference:         ESB-2011.0911

Original Bulletin:
   http://www.debian.org/security/2012/dsa-2415

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-2415-1                   security@debian.org
http://www.debian.org/security/                               Nico Golde
February 21, 2012                      http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : libmodplug
Vulnerability  : several
Problem type   : local
Debian-specific: no
CVE ID         : CVE-2011-1761 CVE-2011-2911 CVE-2011-2912 CVE-2011-2913
                 CVE-2011-2914 CVE-2011-2915

Several vulnerabilities that can lead to the execution of arbitrary code
have been discovered in libmodplug, a library for mod music based on
ModPlug.  The Common Vulnerabilities and Exposures project identifies the
following issues:

CVE-2011-1761

    epiphant discovered that the abc file parser is vulnerable to several
    stack-based buffer overflows that potentially lead to the execution of
    arbitrary code.

CVE-2011-2911

    Hossein Lotfi of Secunia discovered that the CSoundFile::ReadWav
    function is vulnerable to an integer overflow which leads to a
    heap-based buffer overflow.  An attacker can exploit this flaw to
    potentially execute arbitrary code by tricking a victim into opening
    crafted WAV files.

CVE-2011-2912

    Hossein Lotfi of Secunia discovered that the CSoundFile::ReadS3M
    function is vulnerable to a stack-based buffer overflow.  An attacker
    can exploit this flaw to potentially execute arbitrary code by
    tricking a victim into opening crafted S3M files.

CVE-2011-2913

    Hossein Lotfi of Secunia discovered that the CSoundFile::ReadAMS
    function suffers from an off-by-one vulnerability that leads to memory
    corruption.  An attacker can exploit this flaw to potentially execute
    arbitrary code by tricking a victim into opening crafted AMS files.

CVE-2011-2914

    It was discovered that the CSoundFile::ReadDSM function suffers from
    an off-by-one vulnerability that leads to memory corruption.  An
    attacker can exploit this flaw to potentially execute arbitrary code
    by tricking a victim into opening crafted DSM files.

CVE-2011-2915

    It was discovered that the CSoundFile::ReadAMS2 function suffers from
    an off-by-one vulnerability that leads to memory corruption.  An
    attacker can exploit this flaw to potentially execute arbitrary code
    by tricking a victim into opening crafted AMS files.

For the stable distribution (squeeze), this problem has been fixed in
version 1:0.8.8.1-1+squeeze2.

For the testing (wheezy) and unstable (sid) distributions, this problem
has been fixed in version 1:0.8.8.4-1.

We recommend that you upgrade your libmodplug packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk9ELRcACgkQHYflSXNkfP+KngCffkP46LcmaSlOTCaIB5JoTyXs
7z0AoK4EaUFB9Qelksy9oqBeZ4f8ys7d
=5vLD
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBT0RCeu4yVqjM2NGpAQJvTQ//Qc7qSSlV/HdjdB5qubGoSaoNQvxe2vNZ
w8nVYQf8a7OugHp242F8io13Nu6pntURPSQqwzpNKlJhIV6Ze7lelYi9uffS644k
PYhOrTPrUGbdGpThbgN/JlBjOXolQ5x8keFfaPk6NG3OEgS59tw99AUi3sGEfxWW
8Slp0wBTcM5qsCKzlwCbVCY43OUMJdhIzaH6NJJ/NR6cUAgOf9xugHpP3RLLN3+r
OwWEiZOFaKgIo0bgfMYEiWuxaY+4hv/3U622pMwkLFLuU4wcadH6qXBwZB2k16b7
0xG/+UKJH+evo/a7/5qj+VcMsdPAsHUGLZlcmV/CktiRE+VGH/2C+tZqA9QGS7n2
737Q2GJz/iMCI+MUKw1iwI0uZlzH4EnvCaY89ZHGgOFufCLE+6sybnSLmDlOdT3a
4/tNJgqxbSW/Pjnd6zfHbEaoNOSgklOHhN4YZsLBcE8mq1nymfH85+L+aqe8nPMn
TLcbkWX2FFYAAbWtZ4VaB9XoIPCtlpKjTvlnVez3xOmiTA22ThsjZhq4vLHzsHmk
kVDKzOlGdd2GrrKxYB/T4mWiXbZ/1OET2hM9DQb3dvNq+gq4Yu+PSEuG0rExIBAK
eZ6EhqV/6Z4pTdoTQ309pWvfiqXPbOLeNr+KNLLeSxrOHQjEqoW6hjPpm1NO0h6+
Mf+FRF3Qm54=
=BDZ9
-----END PGP SIGNATURE-----