exploit the possibilities

Debian Security Advisory 3156-1

Debian Security Advisory 3156-1
Posted Feb 9, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3156-1 - A vulnerability was found in liveMedia, a set of C++ libraries for multimedia streaming. RTSP messages starting with whitespace were assumed to have a zero length, triggering an integer underflow, infinite loop, and then a buffer overflow. This could allow remote attackers to cause a denial of service (crash) or arbitrary code execution via crafted RTSP messages.

tags | advisory, remote, denial of service, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2013-6933
MD5 | 44bd36308c84b56e2432eff8a14041ec

Debian Security Advisory 3156-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3156-1 security@debian.org
http://www.debian.org/security/ Alessandro Ghedini
February 07, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : liblivemedia
CVE ID : CVE-2013-6933

A vulnerability was found in liveMedia, a set of C++ libraries for
multimedia streaming. RTSP messages starting with whitespace were assumed
to have a zero length, triggering an integer underflow, infinite loop,
and then a buffer overflow. This could allow remote attackers to cause a
denial of service (crash) or arbitrary code execution via crafted RTSP
messages.

The packages vlc and mplayer have also been updated to reflect this
improvement.

For the stable distribution (wheezy), this problem has been fixed in
liblivemedia version 2012.05.17-1+wheezy1, vlc version 2.0.3-5+deb7u2+b1,
and mplayer version 2:1.0~rc4.dfsg1+svn34540-1+deb7u1.

For the upcoming stable distribution (jessie), this problem has been
fixed in liblivemedia version 2014.01.13-1.

For the unstable distribution (sid), this problem has been fixed in
liblivemedia version 2014.01.13-1.

We recommend that you upgrade your liblivemedia, vlc, and mplayer
packages.

Further information about Debian Security Advisories, how to apply these
updates to your system and frequently asked questions can be found at:
https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJU1iZ6AAoJEG7C3vaP/jd0MCcP/27ObP4bPSLUYrCVG+/x0v/1
vtuW4ZlazfmT2EO7oz47Td6VAYdym90CF7NasCLHZaueJdTYG71cVsLxWe1NuzZ5
TWL81pM6ff0+b4D0Tj50SFzExMeIG6rqcUYPK1Sq9r3Eww4CBKG3Dxhyz4xva3ZJ
tospDb5zVDSqGXkeBIpY5om15k8FGc+C6YKuyBbWaTsCSISo4m3/NYAJvlqvPiry
Xy3hgpW6mYsemB6ooGWwSK3zU1NVB4dr9Wjv1aFBa2Ar4JTlt2Zz5sqBsRGXuvCV
QVjB+bL/b4C5gP6iJC14OppJqEL2lLwzlYPT9UVmv6nLvwRSPAqAFOAexzk2EIqU
LKs2edQF5HBrxQuvtD3DJcUX88C5/v+A8TYHXEISLdQmaKjF5NWP/ihpWJqocSYB
d3tT2sP0RhthVFIWu5ybZlBZ1T25cTMnaLGCObKDWstNJ8ZJLoSdsqM6Aki8OVka
uVdHvTQhMUh7u2Kx0rQ25B17GRIp+zvA5uNIFk/6SZBA4BR4RDoELMGcepjuTvVn
REEJ1NlQmXrR1Lmr6mVz+JlTDIY4tMN4B7XNxI43PoLsiEhwPo6V5eC44B3oJo+O
mPx6dJsXIe10VTxOfE26Im9Hwkg+uh41Jzoeji7kyK9bxpfWpjwgqkfzupmyoygE
ZIO4G908tuyRPIPs1vdx
=Lhkt
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    9 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close