Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades.
http://tigger.uic.edu/~jlongs2/holes/mpg123.txt
http://secunia.com/advisories/13511/
http://xforce.iss.net/xforce/xfdb/18626
http://marc.theaimsgroup.com/?l=bugtraq&m=110321888413132 http://www.vuxml.org/freebsd/877e918e-5362-11d9-96d4-00065be4b5b6.html
Insight
The following packages are affected:
mpg123
mpg123-nas
mpg123-esound
CVE-2004-1284
Buffer overflow in the find_next_file function in playlist.c for mpg123 0.59r allows remote attackers to execute arbitrary code via a crafted MP3 playlist.
Severity
Classification
-
CVE CVE-2004-1284 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities