A remote overflow exists in mpg321. The package fails to validate some striugs within an MP3 file resulting in a printf() overflow. With a specially crafted MP3 file, an attacker can cause execution of arbitrary code resulting in a loss of integrity and/or availability.
Classification
Location:
Remote / Network Access
Technical
User-supplied strings are passed to printf(3) unsafely. This vulnerability could be exploited by a remote attacker to overwrite memory, and possibly execute arbitrary code. In order for this vulnerability to be exploited, mpg321 would need to play a malicious mp3 file (including via HTTP streaming).
Solution
For the current stable Debian distribution (woody) upgrade to mpg321 version 0.2.10.2. For the unstable distribution (sid) upgrade to mpg321 version 0.2.10.3. An upgrade is required as there are no known workarounds.
This product uses the Daylife API but is not endorsed or certified by Daylife.
This section lists the latest news and blogs found via the daylife API (and for older items, the technorati API), which mention or otherwise discuss this vulnerability.
