[Secure-testing-team] Bug#526084: [SA34927] libmodplug "PATinst()" Buffer Overflow Vulnerability
Giuseppe Iuculano
giuseppe at iuculano.it
Wed Apr 29 07:03:43 UTC 2009
Package: libmodplug
Version: 1:0.8.4-5
Severity: serious
Tags: security patch
Hi,
The following SA (Secunia Advisory) id was published for
libmodplug:
SA34927[1]
> DESCRIPTION:
> A vulnerability has been reported in libmodplug, which can be
> exploited by malicious people to cause a DoS (Denial of Service) and
> potentially compromise an application using the library.
>
> A boundary error exists within the "PATinst()" function in
> src/load_pat.c. This can be exploited to cause a buffer overflow by
> e.g. tricking a victim into opening a specially crafted file in an
> application using the library.
>
> SOLUTION:
> Update to version 0.8.7.
>
> PROVIDED AND/OR DISCOVERED BY:
> Manfred Tremmel and Stanislav Brabec
>
> ORIGINAL ADVISORY:
> http://sourceforge.net/tracker/?func=detail&aid=2777467&group_id=1275&atid=301275
You can find the trivial patch[2] in the upstream cvs repository.
If you fix the vulnerability please also make sure to include the CVE id
(if it will be available) in the changelog entry.
[1]http://secunia.com/advisories/34927
[2]http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3&r2=1.4
Cheers,
Giuseppe.