Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

[Full-Disclosure] Objet :Full-disclosure Digest , Vol 1, Issue 2118 (De retour le mardi 28 décembr e.)
From: "Christophe Savin" <christophe.savin () tdf fr>
Date: Tue, 21 Dec 2004 18:38:56 +0100

 En mon absence,  toute demande concernant les réseaux doit être envoyée au mail : ars_reseaux () tdf fr ou 
(ars_transpac pour tout incident lié à ce réseau)

En cas d'urgence, Vous pouvez contacter :
  La Hot-line Réseaux : 01 49 15 32 53  
  François LEVEQUE au 01 49 15 30 56
  Pascal PAINPARAY au 01 49 15 31 36.
 
  Bonnes fêtes de fin d'année.
  Christophe SAVIN


full-disclosure 12/20/04 18:01 >>>

Send Full-Disclosure mailing list submissions to
        full-disclosure () lists netsys com

To subscribe or unsubscribe via the World Wide Web, visit
        https://lists.netsys.com/mailman/listinfo/full-disclosure
or, via email, send a message with subject or body 'help' to
        full-disclosure-request () lists netsys com

You can reach the person managing the list at
        full-disclosure-owner () lists netsys com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Full-Disclosure digest..."


Today's Topics:

   1. [ GLSA 200412-21 ] MPlayer: Multiple overflows (Thierry Carrez)
   2. RE: RE: Cipher Tool (Todd Towles)
   3. [USN-42-1] Xine library vulnerabilities (Martin Pitt)


----------------------------------------------------------------------

Message: 1
Date: Mon, 20 Dec 2004 15:06:31 +0100
From: Thierry Carrez <koon () gentoo org>
Subject: [Full-disclosure] [ GLSA 200412-21 ] MPlayer: Multiple
        overflows
To: gentoo-announce () lists gentoo org
Cc: security-alerts () linuxsecurity com, bugtraq () securityfocus com,
        full-disclosure () lists netsys com
Message-ID: <41C6DC67.9010300 () gentoo org>
Content-Type: text/plain; charset="iso-8859-1"

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200412-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: MPlayer: Multiple overflows
      Date: December 20, 2004
      Bugs: #74473
        ID: 200412-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple overflow vulnerabilities have been found in MPlayer,
potentially resulting in remote executing of arbitrary code.

Background
==========

MPlayer is a media player capable of handling multiple multimedia file
formats.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /    Vulnerable    /              Unaffected
    -------------------------------------------------------------------
  1  media-video/mplayer     <= 1.0_pre5-r4             >= 1.0_pre5-r5

Description
===========

iDEFENSE, Ariel Berkman and the MPlayer development team found multiple
vulnerabilities in MPlayer. These include potential heap overflows in
Real RTSP and pnm streaming code, stack overflows in MMST streaming
code and multiple buffer overflows in BMP demuxer and mp3lib code.

Impact
======

A remote attacker could craft a malicious file or design a malicious
streaming server. Using MPlayer to view this file or connect to this
server could trigger an overflow and execute attacker-controlled code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MPlayer users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-video/mplayer-1.0_pre5-r5"

References
==========

  [ 1 ] iDEFENSE Advisory

http://www.idefense.com/application/poi/display?id=168&type=vulnerabilities
  [ 2 ] iDEFENSE Advisory

http://www.idefense.com/application/poi/display?id=167&type=vulnerabilities
  [ 3 ] iDEFENSE Advisory

http://www.idefense.com/application/poi/display?id=166&type=vulnerabilities
  [ 4 ] Ariel Berkman Advisory
        http://tigger.uic.edu/~jlongs2/holes/mplayer.txt

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200412-21.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security () gentoo org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2004 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : http://lists.netsys.com/pipermail/full-disclosure/attachments/20041220/e2d182a7/signature-0001.bin

------------------------------

Message: 2
Date: Mon, 20 Dec 2004 08:23:49 -0600
From: "Todd Towles" <toddtowles () brookshires com>
Subject: RE: [Full-disclosure] RE: Cipher Tool
To: "James Tucker" <jftucker () gmail com>,     "richard capistrano"
        <mikoc02 () yahoo com>
Cc: full-disclosure () lists netsys com
Message-ID:
        <9E97F0997FB84D42B221B9FB203EFA275CB4B4 () dc1ms2 msad brookshires net>
Content-Type: text/plain;       charset="us-ascii"

Or you could go buy some of these and link them together to reach over a
distance.

The First Commercial Quantum Cryptography solution - encryption per
photon =)
 http://www.magiqtech.com/index.php

-----Original Message-----
From: full-disclosure-bounces () lists netsys com 
[mailto:full-disclosure-bounces () lists netsys com] On Behalf 
Of James Tucker
Sent: Wednesday, December 15, 2004 10:38 PM
To: richard capistrano
Cc: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] RE: Cipher Tool

Have you considered using secured network protocols on 
dedicated encryption hardware? or is that beyond the price point?

Any cipher algorithm would be theoretically implementable 
(providing the length of data is suitable). If you are 
looking for _real_ performance though then ciphering may not 
be what you want as there isn't any good cipher that is 
really overly fast fast (deliberate double).

There are other core pieces of the puzzle to be considered 
though, like are you going to be talking in a client less 
manner (i.e. is the client pre-configured or has the client 
never received secure comms
before?) Is there a socket/tunnel already running? What is 
the rough length of the data set (impact readability and 
suitability for encryption algorithms)? What is the 
performance restriction (i.e.
where is the bottleneck)? How secure do you need it, 
anti-fool, seconds, hours, years or millennial(might actually 
require more data storage than money can buy)?

I raised an eyebrow at the last portion of your mail, "Is 
there a freeware or software or information, I can check 
out?". This would suggest that you are looking to put another 
program somewhere mid-flow in a data pipe; thats not always a 
good option.

If you're really looking for speed and ease of implementation 
then something like a simple rotation cipher might work out 
for you, but this is going to be so poor a encryption that 
some cipher pro's could read it in its encrypted form. This 
is obviously no good if you're worried about credit card 
info, but is OK if it's just your girlfriend being a nosy ....... .


On Tue, 14 Dec 2004 00:23:41 -0800 (PST), richard capistrano 
<mikoc02 () yahoo com> wrote:
 
 

Hello,

  

  

We are looking for a tool that can actually cipher or hash a 
particular portion of a file so that it will not display the 
particular field of a file. This will be applied to the 
file so that 
when it travels the network, the confidential field in the 
file is not 
displayed in clear text. Due to performance issues, we can 
not simply hash the whole file.

  

Is there a freeware or software or information, I can check out? 
Thanks in advance.

 ________________________________
Do you Yahoo!?
 Read only the mail you want - Yahoo! Mail SpamGuard. 


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html




------------------------------

Message: 3
Date: Mon, 20 Dec 2004 16:34:37 +0100
From: Martin Pitt <martin.pitt () canonical com>
Subject: [Full-disclosure] [USN-42-1] Xine library vulnerabilities
To: ubuntu-security-announce () lists ubuntu com
Cc: bugtraq () securityfocus com, full-disclosure () lists netsys com
Message-ID: <20041220153437.GA10100 () box79162 elkhouse de>
Content-Type: text/plain; charset="us-ascii"

===========================================================
Ubuntu Security Notice USN-42-1           December 20, 2004
xine-lib vulnerabilities
https://sourceforge.net/project/shownotes.php?group_id=9655&release_id=290099
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libxine1

The problem can be corrected by upgrading the affected package to
version 1-rc5-1ubuntu2.1.  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Several buffer overflows have been discovered in xine-lib, the
video/audio codec library for Xine frontends (xine-ui, totem-xine,
kaffeine, and others). If an attacker tricked a user into loading a
malicious RTSP stream or a stream with specially crafted AIFF audio or
PNM image data, they could exploit this to execute arbitrary code with
the privileges of the user opening the audio/video file.

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1-rc5-1ubuntu2.1.diff.gz
      Size/MD5:   220103 36088cafe1ebf980e974121c75509342
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1-rc5-1ubuntu2.1.dsc
      Size/MD5:      950 b91b838d1e93be1d6dbaf4e25fdcc0a2
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1-rc5.orig.tar.gz
      Size/MD5:  7052663 703c3e68d60524598d4d9e527fe38286

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1-rc5-1ubuntu2.1_amd64.deb
      Size/MD5:   101304 3924c05126efb642a3a4caeb76fa103f
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1-rc5-1ubuntu2.1_amd64.deb
      Size/MD5:  3542990 2b49a83c4ac8aee07480cbe4f0639802

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1-rc5-1ubuntu2.1_i386.deb
      Size/MD5:   101282 650241599ab0b2b95e87e4ea998392ca
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1-rc5-1ubuntu2.1_i386.deb
      Size/MD5:  3728702 b5aabac9ef7413d59ed599589876c5ab

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1-rc5-1ubuntu2.1_powerpc.deb
      Size/MD5:   101296 604e0163adfa10406d729321977de6d5
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1-rc5-1ubuntu2.1_powerpc.deb
      Size/MD5:  3886558 4aa25f9823981361dd44ec1f4a53f62f
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.netsys.com/pipermail/full-disclosure/attachments/20041220/2875d1b3/attachment-0001.bin

------------------------------

_______________________________________________
Full-Disclosure mailing list
Full-Disclosure () lists netsys com
https://lists.netsys.com/mailman/listinfo/full-disclosure


End of Full-Disclosure Digest, Vol 1, Issue 2118
************************************************


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
  • [Full-Disclosure] Objet :Full-disclosure Digest , Vol 1, Issue 2118 (De retour le mardi 28 décembr e.) Christophe Savin (Dec 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]