Secunia Logo
 Vulnerability IntelligenceVulnerability ScanningCommunity - new!Blog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Debian update for mikmod
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Debian update for mikmod
Secunia Advisory: SA9040
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2003-06-16
Popularity: 8,005 views

Critical:
Less critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch

OS:Debian GNU/Linux 2.x
Debian GNU/Linux 3.0
Debian GNU/Linux unstable alias sid
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2003-0427
Description:
Debian has issued updated packages for mikmod. These fix a vulnerability, which potentially could be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error. This can be exploited to cause a buffer overflow by including a file with an overly long, specially crafted filename inside an archive.

Successful exploitation requires that a user is tricked into reading the malicious archive using mikmod.

Solution:
Updated packages:

-- Debian GNU/Linux 2.2 alias potato --

Source archives:

http://security.debian.org/pool/updates/main/m/mikmod/mikmod_3.1.6-2potato3.dsc
Size/MD5 checksum: 595 d0a811016b5025b327eea822373f12d5
http://security.debian.org/pool/updat.../mikmod/mikmod_3.1.6-2potato3.diff.gz
Size/MD5 checksum: 6207 2ce7c29ac4c12632de56a1db093982f7
http://security.debian.org/pool/updates/main/m/mikmod/mikmod_3.1.6.orig.tar.gz
Size/MD5 checksum: 134827 71d8142ae3ae27034535913e906b1384

Alpha architecture:

http://security.debian.org/pool/updat...ikmod/mikmod_3.1.6-2potato3_alpha.deb
Size/MD5 checksum: 62968 0c0d4ff734a7c02e4d8c862bb3745713

ARM architecture:

http://security.debian.org/pool/updat.../mikmod/mikmod_3.1.6-2potato3_arm.deb
Size/MD5 checksum: 52588 7d5da70323e8549fc7cf5528173f3d1d

Intel IA-32 architecture:

http://security.debian.org/pool/updat...mikmod/mikmod_3.1.6-2potato3_i386.deb
Size/MD5 checksum: 50666 f00f6100852c6a25be4909e861368877

Motorola 680x0 architecture:

http://security.debian.org/pool/updat...mikmod/mikmod_3.1.6-2potato3_m68k.deb
Size/MD5 checksum: 48942 390d71cc5d5f98e84e077961740b9608

PowerPC architecture:

http://security.debian.org/pool/updat...mod/mikmod_3.1.6-2potato3_powerpc.deb
Size/MD5 checksum: 53578 ef6419433633f01244eafeb7b61d0e6c

Sun Sparc architecture:

http://security.debian.org/pool/updat...ikmod/mikmod_3.1.6-2potato3_sparc.deb
Size/MD5 checksum: 54836 ca9367c16507f4ed6d247cc7001d777a


-- Debian GNU/Linux 3.0 alias woody --

Source archives:

http://security.debian.org/pool/updates/main/m/mikmod/mikmod_3.1.6-4woody3.dsc
Size/MD5 checksum: 608 b52405fb77329efddae915e145a9751d
http://security.debian.org/pool/updat...m/mikmod/mikmod_3.1.6-4woody3.diff.gz
Size/MD5 checksum: 9726 35080e8530e9924be4d86aafbd31b84d
http://security.debian.org/pool/updates/main/m/mikmod/mikmod_3.1.6.orig.tar.gz
Size/MD5 checksum: 134827 71d8142ae3ae27034535913e906b1384

Alpha architecture:

http://security.debian.org/pool/updat...mikmod/mikmod_3.1.6-4woody3_alpha.deb
Size/MD5 checksum: 62712 fe5456aa0ca7a1819fd1bb87b82bde1a

ARM architecture:

http://security.debian.org/pool/updat...m/mikmod/mikmod_3.1.6-4woody3_arm.deb
Size/MD5 checksum: 52602 d75974481a2b2e23c47a7f700bf878e5

Intel IA-32 architecture:

http://security.debian.org/pool/updat.../mikmod/mikmod_3.1.6-4woody3_i386.deb
Size/MD5 checksum: 50578 fde5b864a91bdddf1b07720af26cf5d5

Intel IA-64 architecture:

http://security.debian.org/pool/updat.../mikmod/mikmod_3.1.6-4woody3_ia64.deb
Size/MD5 checksum: 76108 ad1cbef734d43f5e0fa5bad3c7f1cd72

HP Precision architecture:

http://security.debian.org/pool/updat.../mikmod/mikmod_3.1.6-4woody3_hppa.deb
Size/MD5 checksum: 58482 9edb50e45214bc0b3225f5070df2b59f

Motorola 680x0 architecture:

http://security.debian.org/pool/updat.../mikmod/mikmod_3.1.6-4woody3_m68k.deb
Size/MD5 checksum: 48554 a52f8913418501bf6a4b103e14636436

Big endian MIPS architecture:

http://security.debian.org/pool/updat.../mikmod/mikmod_3.1.6-4woody3_mips.deb
Size/MD5 checksum: 57352 4edbef3712ec7220cdbe410c61aa8406

Little endian MIPS architecture:

http://security.debian.org/pool/updat...ikmod/mikmod_3.1.6-4woody3_mipsel.deb
Size/MD5 checksum: 57538 f0846374f89bc626f6ed29fd82bbd4af

PowerPC architecture:

http://security.debian.org/pool/updat...kmod/mikmod_3.1.6-4woody3_powerpc.deb
Size/MD5 checksum: 53758 9a8e2a41cf260e5eecfd0472f2f574e6

IBM S/390 architecture:

http://security.debian.org/pool/updat.../mikmod/mikmod_3.1.6-4woody3_s390.deb
Size/MD5 checksum: 53038 bddc8a9dcdea2b4386b5d5a4b3d281e1

Sun Sparc architecture:

http://security.debian.org/pool/updat...mikmod/mikmod_3.1.6-4woody3_sparc.deb
Size/MD5 checksum: 52786 9da2c9dc87e8c9d742483e5929c2e90f


-- Debian GNU/Linux unstable alias sid --

Fixed in version 3.1.6-6.

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

2nd Dec, 2008
New advisories: 14
New vulnerabilities: 21
Updated advisories: 26

Less // 377 views
Linksys WRT160N Cross-Site Scripting Vulnerability
Less // 359 views
IBM Rational ClearQuest Multiple Vulnerabilities
Not // 284 views
Debian update for flamethrower
Not // 275 views
flamethrower Insecure Temporary Files
Less // 333 views
IBM Rational ClearCase Cross-Site Scripting Vulnerability
Not // 317 views
DAHDI "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerability
Not // 315 views
Zaptel "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerabilities
Moderately // 302 views
Rumpus Multiple Vulnerabilities
Less // 321 views
bcoos "cid" SQL Injection Vulnerability
Moderately // 334 views
ASP Portal "ASPPortal.mdb" Database Disclosure Security Issue

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Sun Java JDK / JRE Multiple Vulnerabilities // 52 views
2. Linksys WRT160N Cross-Site Scripting Vulnerability // 32 views
3. ClamAV "cli_check_jpeg_exploit()" Denial of Service Vulnerability // 32 views
4. Adobe Acrobat/Reader Multiple Vulnerabilities // 28 views
5. IBM Rational ClearQuest Multiple Vulnerabilities // 26 views
6. IBM Rational ClearCase Cross-Site Scripting Vulnerability // 25 views
7. Rumpus Multiple Vulnerabilities // 25 views
8. bcoos "cid" SQL Injection Vulnerability // 23 views
9. Mozilla Firefox 3 Multiple Vulnerabilities // 23 views
10. Debian update for flamethrower // 23 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008