Mandriva Update For Mpg123 MDKSA-2007:032 (mpg123) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial of service (infinite loop) by closing the HTTP connection early. Packages have been patched to correct this issue.

Affected

mpg123 on Mandriva Linux 2006.0, Mandriva Linux 2006.0/X86_64, Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64

Severity

Classification

CVE CVE-2007-0578

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:186 (firebird)
Mandrake Security Advisory MDVSA-2009:207 (perl-Compress-Raw-Bzip2)
Mandrake Security Advisory MDVSA-2009:129 (file)
Mandrake Security Advisory MDVSA-2009:124 (apache)
Mandrake Security Advisory MDVSA-2009:039 (gedit)

Mandriva Update for mpg123 MDKSA-2007:032 (mpg123)

Take action and discover your vulnerabilities