found 506377 1.61.27-1 found 506377 1.63.5-1 thanks hi Raphael,
On Thu, Nov 20, 2008 at 06:28:45PM -0600, Raphael Geissert wrote: > The following CVE (Common Vulnerabilities & Exposures) id was published for > streamripper. looking at the source it seems that the version in stable is affected here too, not the same functions but the code in general: httplib_parse_url(): /* search for a login '@' token */ if (strchr(url, '@') != NULL) { ret = sscanf(url, "%[^:]:[EMAIL PROTECTED]", urlinfo->username, urlinfo->password); [..] so patch has to be backportet. Im forwarding to [EMAIL PROTECTED] Ive already prepared a fixed 1.63.5 package for unstable/lenny which im going to upload as soon as you guys give me your OK :-) > > CVE-2008-4829/SA32562[1]: > > Secunia Research has discovered some vulnerabilities in Streamripper, which > > can be exploited by malicious people to compromise a user's system. > > > > 1) A boundary error exists within the function "http_parse_sc_header()" in > > lib/http.c when parsing an overly long HTTP header starting with > > "Zwitterion v". > > > > 2) A boundary error exists within the function "http_get_pls()" in > > lib/http.c when parsing a specially crafted pls playlist containing an > > overly long entry. > > > > 3) A boundary error exists within the function "http_get_m3u()" in > > lib/http.c when parsing a specially crafted m3u playlist containing an > > overly long "File" entry. > > > > Successful exploitation allows the execution of arbitrary code, but > > requires that a user is tricked into connecting to a malicious server. > > > > The vulnerabilities are confirmed in version 1.63.5. Other versions may > > also be affected. > > The patch by upstream to fix the vulnerabilities can be found at [2]. > > It would be great if you could verify whether the version in etch is also > affected. > > If you fix the vulnerability please also make sure to include the CVE id in > the changelog entry. > > [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4829 > http://security-tracker.debian.net/tracker/CVE-2008-4829 > http://secunia.com/Advisories/32562/ > [2]http://streamripper.cvs.sourceforge.net/viewvc/streamripper/sripper_1x/lib/http.c?view=patch&r1=1.50&r2=1.51&pathrev=sripper-1_64_0 > > Cheers, > -- > Raphael Geissert - Debian Maintainer > www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]