found 506377 1.61.27-1
found 506377 1.63.5-1
thanks
hi Raphael,
On Thu, Nov 20, 2008 at 06:28:45PM -0600, Raphael Geissert wrote:
> The following CVE (Common Vulnerabilities & Exposures) id was published for
> streamripper.
looking at the source it seems that the version in stable is affected here too,
not the same functions but the code in general:
httplib_parse_url():
/* search for a login '@' token */
if (strchr(url, '@') != NULL) {
ret = sscanf(url, "%[^:]:[EMAIL PROTECTED]", urlinfo->username,
urlinfo->password);
[..]
so patch has to be backportet.
Im forwarding to [EMAIL PROTECTED] Ive already prepared a fixed 1.63.5
package for unstable/lenny which im going to upload as soon as you guys give me
your OK :-)
>
> CVE-2008-4829/SA32562[1]:
> > Secunia Research has discovered some vulnerabilities in Streamripper, which
> > can be exploited by malicious people to compromise a user's system.
> >
> > 1) A boundary error exists within the function "http_parse_sc_header()" in
> > lib/http.c when parsing an overly long HTTP header starting with
> > "Zwitterion v".
> >
> > 2) A boundary error exists within the function "http_get_pls()" in
> > lib/http.c when parsing a specially crafted pls playlist containing an
> > overly long entry.
> >
> > 3) A boundary error exists within the function "http_get_m3u()" in
> > lib/http.c when parsing a specially crafted m3u playlist containing an
> > overly long "File" entry.
> >
> > Successful exploitation allows the execution of arbitrary code, but
> > requires that a user is tricked into connecting to a malicious server.
> >
> > The vulnerabilities are confirmed in version 1.63.5. Other versions may
> > also be affected.
>
> The patch by upstream to fix the vulnerabilities can be found at [2].
>
> It would be great if you could verify whether the version in etch is also
> affected.
>
> If you fix the vulnerability please also make sure to include the CVE id in
> the changelog entry.
>
> [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4829
> http://security-tracker.debian.net/tracker/CVE-2008-4829
> http://secunia.com/Advisories/32562/
> [2]http://streamripper.cvs.sourceforge.net/viewvc/streamripper/sripper_1x/lib/http.c?view=patch&r1=1.50&r2=1.51&pathrev=sripper-1_64_0
>
> Cheers,
> --
> Raphael Geissert - Debian Maintainer
> www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
