FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-15 08:21:43 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
9855ac8e-2aec-11db-a6e2-000e0c2e438a	alsaplayer -- multiple vulnerabilities Luigi Auriemma reports three vulnerabilities within alsaplayer: The function which handles the HTTP connections is vulnerable to a buffer-overflow that happens when it uses sscanf for copying the URL in the Location's field received from the server into the redirect buffer of only 1024 bytes declared in http_open. A buffer-overflow exists in the functions which add items to the playlist when the GTK interface is used (so the other interfaces are not affected by this problem): new_list_item and CbUpdated in interface/gtk/PlaylistWindow.cpp. AlsaPlayer automatically queries the CDDB server specified in its configuration (by default freedb.freedb.org) when the user choices the CDDA function for playing audio CDs. The function which queries the server uses a buffer of 20 bytes and one of 9 for storing the category and ID strings received from the server while the buffer which contains this server's response is 32768 bytes long. Naturally for exploiting this bug the attacker must have control of the freedb server specified in the AlsaPlayer's configuration. These vulnerabilities could allow a remote attacker to execute arbitrary code, possibly gaining access to the system. Discovery 2006-08-09 Entry 2006-08-13 Modified 2010-05-12 alsaplayer gt 0 CVE-2006-4089 19450 http://aluigi.altervista.org/adv/alsapbof-adv.txt

VuXML ID

Description

9855ac8e-2aec-11db-a6e2-000e0c2e438a

alsaplayer -- multiple vulnerabilities

Luigi Auriemma reports three vulnerabilities within alsaplayer:

The function which handles the HTTP connections is vulnerable to a buffer-overflow that happens when it uses sscanf for copying the URL in the Location's field received from the server into the redirect buffer of only 1024 bytes declared in http_open.

A buffer-overflow exists in the functions which add items to the playlist when the GTK interface is used (so the other interfaces are not affected by this problem): new_list_item and CbUpdated in interface/gtk/PlaylistWindow.cpp.

AlsaPlayer automatically queries the CDDB server specified in its configuration (by default freedb.freedb.org) when the user choices the CDDA function for playing audio CDs. The function which queries the server uses a buffer of 20 bytes and one of 9 for storing the category and ID strings received from the server while the buffer which contains this server's response is 32768 bytes long. Naturally for exploiting this bug the attacker must have control of the freedb server specified in the AlsaPlayer's configuration.

These vulnerabilities could allow a remote attacker to execute arbitrary code, possibly gaining access to the system.

Discovery 2006-08-09
Entry 2006-08-13
Modified 2010-05-12
alsaplayer

gt 0

CVE-2006-4089
19450
http://aluigi.altervista.org/adv/alsapbof-adv.txt