Full Disclosure Mailing List Archive

From: Christophe Savin (christophe.savin@tdf.fr)
Date: Tue Dec 21 2004 - 12:38:56 EST


In my absence, any request concerning the networks should be sent by e-mail to: ars_reseaux@tdf.fr or (ars_transpac for any incident related to that network)

In an emergency, you can contact:
  The Networks hotline: 01 49 15 32 53
  François LEVEQUE on 01 49 15 30 56
  Pascal PAINPARAY on 01 49 15 31 36.

  Happy holidays.
  Christophe SAVIN

>>> full-disclosure 12/20/04 18:01 >>>

Send Full-Disclosure mailing list submissions to
        full-disclosure@lists.netsys.com

To subscribe or unsubscribe via the World Wide Web, visit
        https://lists.netsys.com/mailman/listinfo/full-disclosure
or, via email, send a message with subject or body 'help' to
        full-disclosure-request@lists.netsys.com

You can reach the person managing the list at
        full-disclosure-owner@lists.netsys.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Full-Disclosure digest..."

Today's Topics:

   1. [ GLSA 200412-21 ] MPlayer: Multiple overflows (Thierry Carrez)
   2. RE: RE: Cipher Tool (Todd Towles)
   3. [USN-42-1] Xine library vulnerabilities (Martin Pitt)

----------------------------------------------------------------------

Message: 1
Date: Mon, 20 Dec 2004 15:06:31 +0100
From: Thierry Carrez <koon@gentoo.org>
Subject: [Full-Disclosure] [ GLSA 200412-21 ] MPlayer: Multiple
        overflows
To: gentoo-announce@lists.gentoo.org
Cc: security-alerts@linuxsecurity.com, bugtraq@securityfocus.com,
        full-disclosure@lists.netsys.com
Message-ID: <41C6DC67.9010300@gentoo.org>
Content-Type: text/plain; charset="iso-8859-1"

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: MPlayer: Multiple overflows
      Date: December 20, 2004
      Bugs: #74473
        ID: 200412-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple overflow vulnerabilities have been found in MPlayer,
potentially resulting in remote execution of arbitrary code.

Background
==========

MPlayer is a media player capable of handling multiple multimedia file
formats.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /   Vulnerable    /               Unaffected
    -------------------------------------------------------------------
  1  media-video/mplayer     <= 1.0_pre5-r4              >= 1.0_pre5-r5

Description
===========

iDEFENSE, Ariel Berkman and the MPlayer development team found multiple
vulnerabilities in MPlayer. These include potential heap overflows in
Real RTSP and pnm streaming code, stack overflows in MMST streaming
code and multiple buffer overflows in BMP demuxer and mp3lib code.

Impact
======

A remote attacker could craft a malicious file or design a malicious
streaming server. Using MPlayer to view this file or connect to this
server could trigger an overflow and execute attacker-controlled code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MPlayer users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-video/mplayer-1.0_pre5-r5"

References
==========

  [ 1 ] iDEFENSE Advisory
        http://www.idefense.com/application/poi/display?id=168&type=vulnerabilities
  [ 2 ] iDEFENSE Advisory
        http://www.idefense.com/application/poi/display?id=167&type=vulnerabilities
  [ 3 ] iDEFENSE Advisory
        http://www.idefense.com/application/poi/display?id=166&type=vulnerabilities
  [ 4 ] Ariel Berkman Advisory
        http://tigger.uic.edu/~jlongs2/holes/mplayer.txt

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200412-21.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2004 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : http://lists.netsys.com/pipermail/full-disclosure/attachments/20041220/e2d182a7/signature-0001.bin

------------------------------

Message: 2
Date: Mon, 20 Dec 2004 08:23:49 -0600
From: "Todd Towles" <toddtowles@brookshires.com>
Subject: RE: [Full-Disclosure] RE: Cipher Tool
To: "James Tucker" <jftucker@gmail.com>, "richard capistrano"
        <mikoc02@yahoo.com>
Cc: full-disclosure@lists.netsys.com
Message-ID:
        <9E97F0997FB84D42B221B9FB203EFA275CB4B4@dc1ms2.msad.brookshires.net>
Content-Type: text/plain; charset="us-ascii"

Or you could go buy some of these and link them together to reach over a
distance.

The First Commercial Quantum Cryptography solution - encryption per
photon =)
 http://www.magiqtech.com/index.php

> -----Original Message-----
> From: full-disclosure-bounces@lists.netsys.com
> [mailto:full-disclosure-bounces@lists.netsys.com] On Behalf
> Of James Tucker
> Sent: Wednesday, December 15, 2004 10:38 PM
> To: richard capistrano
> Cc: full-disclosure@lists.netsys.com
> Subject: Re: [Full-Disclosure] RE: Cipher Tool
>
> Have you considered using secured network protocols on
> dedicated encryption hardware? or is that beyond the price point?
>
> Any cipher algorithm would be theoretically implementable
> (providing the length of data is suitable). If you are
> looking for _real_ performance though then ciphering may not
> be what you want as there isn't any good cipher that is
> really overly fast fast (deliberate double).
>
> There are other core pieces of the puzzle to be considered
> though, like are you going to be talking in a client less
> manner (i.e. is the client pre-configured or has the client
> never received secure comms
> before?) Is there a socket/tunnel already running? What is
> the rough length of the data set (impact readability and
> suitability for encryption algorithms)? What is the
> performance restriction (i.e.
> where is the bottleneck)? How secure do you need it,
> anti-fool, seconds, hours, years or millennial(might actually
> require more data storage than money can buy)?
>
> I raised an eyebrow at the last portion of your mail, "Is
> there a freeware or software or information, I can check
> out?". This would suggest that you are looking to put another
> program somewhere mid-flow in a data pipe; that's not always a
> good option.
>
> If you're really looking for speed and ease of implementation
> then something like a simple rotation cipher might work out
> for you, but this is going to be so poor an encryption that
> some cipher pros could read it in its encrypted form. This
> is obviously no good if you're worried about credit card
> info, but is OK if it's just your girlfriend being a nosy ....... .
>
>
> On Tue, 14 Dec 2004 00:23:41 -0800 (PST), richard capistrano
> <mikoc02@yahoo.com> wrote:
> >
> > Hello,
> >
> > We are looking for a tool that can actually cipher or hash a
> > particular portion of a file so that it will not display the
> > particular field of a file. This will be applied to the file so that
> > when it travels the network, the confidential field in the file is not
> > displayed in clear text. Due to performance issues, we can not simply
> > hash the whole file.
> >
> > Is there a freeware or software or information, I can check out?
> > Thanks in advance.
> >
> > ________________________________
> > Do you Yahoo!?
> > Read only the mail you want - Yahoo! Mail SpamGuard.
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> >
> >
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

------------------------------

Message: 3
Date: Mon, 20 Dec 2004 16:34:37 +0100
From: Martin Pitt <martin.pitt@canonical.com>
Subject: [Full-Disclosure] [USN-42-1] Xine library vulnerabilities
To: ubuntu-security-announce@lists.ubuntu.com
Cc: bugtraq@securityfocus.com, full-disclosure@lists.netsys.com
Message-ID: <20041220153437.GA10100@box79162.elkhouse.de>
Content-Type: text/plain; charset="us-ascii"

===========================================================
Ubuntu Security Notice USN-42-1 December 20, 2004
xine-lib vulnerabilities
https://sourceforge.net/project/shownotes.php?group_id=9655&release_id=290099
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libxine1

The problem can be corrected by upgrading the affected package to
version 1-rc5-1ubuntu2.1. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Several buffer overflows have been discovered in xine-lib, the
video/audio codec library for Xine frontends (xine-ui, totem-xine,
kaffeine, and others). If an attacker tricked a user into loading a
malicious RTSP stream or a stream with specially crafted AIFF audio or
PNM image data, they could exploit this to execute arbitrary code with
the privileges of the user opening the audio/video file.

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1-rc5-1ubuntu2.1.diff.gz
      Size/MD5: 220103 36088cafe1ebf980e974121c75509342
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1-rc5-1ubuntu2.1.dsc
      Size/MD5: 950 b91b838d1e93be1d6dbaf4e25fdcc0a2
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1-rc5.orig.tar.gz
      Size/MD5: 7052663 703c3e68d60524598d4d9e527fe38286

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1-rc5-1ubuntu2.1_amd64.deb
      Size/MD5: 101304 3924c05126efb642a3a4caeb76fa103f
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1-rc5-1ubuntu2.1_amd64.deb
      Size/MD5: 3542990 2b49a83c4ac8aee07480cbe4f0639802

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1-rc5-1ubuntu2.1_i386.deb
      Size/MD5: 101282 650241599ab0b2b95e87e4ea998392ca
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1-rc5-1ubuntu2.1_i386.deb
      Size/MD5: 3728702 b5aabac9ef7413d59ed599589876c5ab

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1-rc5-1ubuntu2.1_powerpc.deb
      Size/MD5: 101296 604e0163adfa10406d729321977de6d5
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1-rc5-1ubuntu2.1_powerpc.deb
      Size/MD5: 3886558 4aa25f9823981361dd44ec1f4a53f62f
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.netsys.com/pipermail/full-disclosure/attachments/20041220/2875d1b3/attachment-0001.bin
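
Added example (not part of the notice, nor Ubuntu's own tooling): one way to turn the URL and "Size/MD5:" pairs listed in USN-42-1 above into a manifest and check a downloaded file against it. The function names, the example.invalid URL and the stand-in file are constructed for illustration; the excerpt is copied from the notice.

```python
import hashlib
import os
import re
import tempfile

# Two lines copied from the notice; every other entry has the same shape.
NOTICE_EXCERPT = """
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1-rc5-1ubuntu2.1.dsc
      Size/MD5: 950 b91b838d1e93be1d6dbaf4e25fdcc0a2
"""
# A URL line followed by its "Size/MD5: <bytes> <hex digest>" line.
ENTRY_RE = re.compile(
    r"^\s*(?P<url>https?://\S+)\s*\n\s*Size/MD5:\s+(?P<size>\d+)\s+(?P<md5>[0-9a-f]{32})\s*$",
    re.MULTILINE)

def parse_manifest(text):
    """Map each listed file name to its (size, md5) pair."""
    return {m["url"].rsplit("/", 1)[-1]: (int(m["size"]), m["md5"])
            for m in ENTRY_RE.finditer(text)}

def verify_file(path, manifest):
    """Return 'ok', 'not-listed', 'size-mismatch' or 'md5-mismatch'."""
    entry = manifest.get(os.path.basename(path))
    if entry is None:
        return "not-listed"
    size, md5 = entry
    if os.path.getsize(path) != size:  # cheap check first: catches truncation
        return "size-mismatch"
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return "ok" if digest.hexdigest() == md5 else "md5-mismatch"

def demo():
    """Check a constructed stand-in file, then the same file after tampering."""
    payload = b"constructed stand-in for a downloaded .deb\n"
    listing = "http://example.invalid/pool/sample.deb\n  Size/MD5: %d %s\n" % (
        len(payload), hashlib.md5(payload).hexdigest())
    manifest = parse_manifest(listing)
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "sample.deb")
        with open(path, "wb") as fh:
            fh.write(payload)
        before = verify_file(path, manifest)
        with open(path, "wb") as fh:
            fh.write(payload.replace(b"d", b"D", 1))  # same size, other bytes
        return before, verify_file(path, manifest)
if __name__ == "__main__":
    print(parse_manifest(NOTICE_EXCERPT), demo())
```

The result is only as trustworthy as the copy of the notice the manifest came from, and MD5 collisions are practical, so this check catches corruption and truncation rather than proving authenticity; that still depends on the notice's PGP signature.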

------------------------------

_______________________________________________
Full-Disclosure mailing list
Full-Disclosure@lists.netsys.com
https://lists.netsys.com/mailman/listinfo/full-disclosure

End of Full-Disclosure Digest, Vol 1, Issue 2118
************************************************
