MikMod Module Player Denial Of Service Vulnerability (Linux) Network Vulnerability

Summary

This host is installed with MikMod Module Player and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will let the attacker crash the application to cause denial-of-service condition. Impact level: Application

Solution

Apply Patch, http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5 filename=31.xm-header.patch att=1 bug=476339

Insight

- libmikmod library using a global variable to keep track of the number of channels can be exploited to crash an application using the library by loading a module with more channels than the currently playing module. - Error when processing the header of certain XM files which can be exploited to crash an application using the library via a specially crafted XM file.

Affected

MikMod Module Player version 3.1.11 to 3.2.0 on Linux.

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461519
http://secunia.com/advisories/33485

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0179

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

ejabberd XML Parsing Denial of Service Vulnerability (Windows)
F-PROT Antivirus Multiple Vulnerabilities
Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
freeFTPD PORT Command Denial of Service Vulnerability
Comodo Internet Security Denial of Service Vulnerability-02

MikMod Module Player Denial of Service Vulnerability (Linux)

Take action and discover your vulnerabilities