exploit the possibilities

Ubuntu Security Notice 995-1

Ubuntu Security Notice 995-1
Posted Sep 29, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 995-1 - It was discovered that libMikMod incorrectly handled songs with different channel counts. If a user were tricked into opening a crafted song file, an attacker could cause a denial of service. It was discovered that libMikMod incorrectly handled certain malformed XM files. If a user were tricked into opening a crafted XM file, an attacker could cause a denial of service. It was discovered that libMikMod incorrectly handled certain malformed Impulse Tracker files. If a user were tricked into opening a crafted Impulse Tracker file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libMikMod incorrectly handled certain malformed Ultratracker files. If a user were tricked into opening a crafted Ultratracker file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-6720, CVE-2009-0179, CVE-2009-3995, CVE-2009-3996, CVE-2010-2546, CVE-2010-2971
MD5 | ce02ea8d777eaea655c7b321a1929a98

Ubuntu Security Notice 995-1

Change Mirror Download
===========================================================
Ubuntu Security Notice USN-995-1 September 29, 2010
libmikmod vulnerabilities
CVE-2007-6720, CVE-2009-0179, CVE-2009-3995, CVE-2009-3996,
CVE-2010-2546, CVE-2010-2971
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
libmikmod2 3.1.11-6ubuntu3.8.04.1

Ubuntu 9.04:
libmikmod2 3.1.11-6ubuntu3.9.04.1

Ubuntu 9.10:
libmikmod2 3.1.11-6ubuntu4.1

In general, a standard system update will make all the necessary changes.

Details follow:

It was discovered that libMikMod incorrectly handled songs with different
channel counts. If a user were tricked into opening a crafted song file,
an attacker could cause a denial of service. (CVE-2007-6720)

It was discovered that libMikMod incorrectly handled certain malformed XM
files. If a user were tricked into opening a crafted XM file, an attacker
could cause a denial of service. (CVE-2009-0179)

It was discovered that libMikMod incorrectly handled certain malformed
Impulse Tracker files. If a user were tricked into opening a crafted
Impulse Tracker file, an attacker could cause a denial of service or
possibly execute arbitrary code with the privileges of the user invoking
the program. (CVE-2009-3995, CVE-2010-2546, CVE-2010-2971)

It was discovered that libMikMod incorrectly handled certain malformed
Ultratracker files. If a user were tricked into opening a crafted
Ultratracker file, an attacker could cause a denial of service or possibly
execute arbitrary code with the privileges of the user invoking the
program. (CVE-2009-3996)


Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.8.04.1.diff.gz
Size/MD5: 339148 88b89686ec91f5173c6dd8b80ce8e64e
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.8.04.1.dsc
Size/MD5: 730 9d56dccce0535ee3c48ca642da04705a
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz
Size/MD5: 611590 705106da305e8de191549f1e7393185c

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_amd64.deb
Size/MD5: 266550 9200823b863117753bac8a1aae63c2ca
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_amd64.deb
Size/MD5: 155628 cff0d15986f092c78cda7bb3a657e1f6

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_i386.deb
Size/MD5: 244016 27453dd915f85ccd7dba0710ecab4acc
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_i386.deb
Size/MD5: 146476 b67d8d50c02001e45eb618d51f4329a1

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_lpia.deb
Size/MD5: 248392 706f9438583e4364b4265ec8d8543bc4
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_lpia.deb
Size/MD5: 148608 5c727d7e661e44044017cb7bd6ab3402

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_powerpc.deb
Size/MD5: 285392 c4ebd492d87451cc2979554da7e6fa34
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_powerpc.deb
Size/MD5: 173928 e45de26f887292b7482eca418459e60c

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_sparc.deb
Size/MD5: 258120 702fbd120d05a9f1d645f85ec45ea211
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_sparc.deb
Size/MD5: 148446 029492bfe2015986538e1f141ab51f93

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.9.04.1.diff.gz
Size/MD5: 338916 a771044f7ddf578a1618e1667effd243
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.9.04.1.dsc
Size/MD5: 1150 031a6ed819b4e9f59dc4614f42f91109
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz
Size/MD5: 611590 705106da305e8de191549f1e7393185c

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_amd64.deb
Size/MD5: 265286 5189d1d5a185819b8f0a3860fd3ecc2b
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_amd64.deb
Size/MD5: 156988 f76e952924eceebdde01d9671f96b9b9

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_i386.deb
Size/MD5: 244312 00502a3a984d2b40bffdf46d016caa20
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_i386.deb
Size/MD5: 147096 8cb46dd80877e60c1300e0b471a42cba

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_lpia.deb
Size/MD5: 247818 33fa14fe4ee9a538eb1c998928a302ab
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_lpia.deb
Size/MD5: 148464 75e5cde38085b939f4c3ad709f2a6b0d

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_powerpc.deb
Size/MD5: 281656 34e746a50fbd0acd34192b9e899e161f
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_powerpc.deb
Size/MD5: 172672 69ec0a2145ea106602c2f3fa454bc346

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_sparc.deb
Size/MD5: 255260 70cb1b7d5521b00ae993686d9336bb12
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_sparc.deb
Size/MD5: 149422 d9e458beb786bbe71ecbf51f3ba6e758

Updated packages for Ubuntu 9.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu4.1.diff.gz
Size/MD5: 338972 b044cd4c0262d4d38fc94de90fb520d4
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu4.1.dsc
Size/MD5: 1130 1feb8d8fcb433337e8ddad65e2076e4a
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz
Size/MD5: 611590 705106da305e8de191549f1e7393185c

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_amd64.deb
Size/MD5: 267300 627cc54b1a4b2ed57ae5c1de295e614c
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_amd64.deb
Size/MD5: 157340 c36998f34e2807dbb8af42934b8ede5e

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_i386.deb
Size/MD5: 244300 063e16e7e89f79a9d8b457a3881b5820
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_i386.deb
Size/MD5: 148654 615e8ada1a87f7aee7e5ccd51c2dca4e

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_lpia.deb
Size/MD5: 247994 fe717add1af434a346b59982f5e3c7c5
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_lpia.deb
Size/MD5: 151404 e13a0f651953441fc9cc5958ef874d0d

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_powerpc.deb
Size/MD5: 281960 9199bd4701581881b31df45c5ede258f
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_powerpc.deb
Size/MD5: 174950 ad1450f700117577ddede6fc3755d5da

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_sparc.deb
Size/MD5: 260378 cd74bc83de2b60ed9cf4fc442e0352e1
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_sparc.deb
Size/MD5: 152910 b684a3227432d45c220bb1378a4ed3d7



Login or Register to add favorites

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    0 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close