Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades.
http://marc.theaimsgroup.com/?l=bugtraq&m=109834486312407 http://www.vuxml.org/freebsd/20d16518-2477-11d9-814e-0001020eed82.html
Insight
The following packages are affected:
mpg123
mpg123-nas
mpg123-esound
CVE-2004-0982
Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL.
Severity
Classification
-
CVE CVE-2004-0982 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities