Vulnerabilities > CVE-2003-0427 - Unspecified vulnerability in Miod Vallat Mikmod 3.1.6
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN miod-vallat
nessus
Summary
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2005-405.NASL description - Mon Jun 6 2005 Martin Stransky <stransky at redhat.com> 3.1.6-35.FC4 - fixed #159290,#159291 - CVE-2003-0427 - fixed playing mod files from tar archive Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 18574 published 2005-06-28 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18574 title Fedora Core 4 : mikmod-3.1.6-35.FC4 (2005-405) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2005-405. # include("compat.inc"); if (description) { script_id(18574); script_version ("1.14"); script_cvs_date("Date: 2019/08/02 13:32:24"); script_xref(name:"FEDORA", value:"2005-405"); script_name(english:"Fedora Core 4 : mikmod-3.1.6-35.FC4 (2005-405)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora Core host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Mon Jun 6 2005 Martin Stransky <stransky at redhat.com> 3.1.6-35.FC4 - fixed #159290,#159291 - CVE-2003-0427 - fixed playing mod files from tar archive Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # https://lists.fedoraproject.org/pipermail/announce/2005-June/000938.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?3e7c8ea9" ); script_set_attribute( attribute:"solution", value: "Update the affected mikmod, mikmod-debuginfo and / or mikmod-devel packages." ); script_set_attribute(attribute:"risk_factor", value:"High"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mikmod"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mikmod-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mikmod-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:4"); script_set_attribute(attribute:"patch_publication_date", value:"2005/06/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/06/28"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 4.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC4", reference:"mikmod-3.1.6-35.FC4")) flag++; if (rpm_check(release:"FC4", reference:"mikmod-debuginfo-3.1.6-35.FC4")) flag++; if (rpm_check(release:"FC4", reference:"mikmod-devel-3.1.6-35.FC4")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mikmod / mikmod-debuginfo / mikmod-devel"); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-506.NASL description Updated mikmod packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. MikMod is a well known MOD music file player for UNIX-based systems. A buffer overflow bug was found in mikmod during the processing of archive filenames. An attacker could create a malicious archive that when opened by mikmod could result in arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0427 to this issue. Users of mikmod are advised to upgrade to these erratum packages, which contain backported security patches and are not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 18476 published 2005-06-13 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/18476 title RHEL 2.1 / 3 / 4 : mikmod (RHSA-2005:506) NASL family Fedora Local Security Checks NASL id FEDORA_2005-404.NASL description - Mon Jun 06 2005 Martin Stransky <stransky at redhat.com> 3.1.6-31.FC3 - fixed #159290,#159291 - CVE-2003-0427 - fixed playing mod files from tar archive Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 18438 published 2005-06-10 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18438 title Fedora Core 3 : mikmod-3.1.6-31.FC3 (2005-404) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2005-506.NASL description Updated mikmod packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. MikMod is a well known MOD music file player for UNIX-based systems. A buffer overflow bug was found in mikmod during the processing of archive filenames. An attacker could create a malicious archive that when opened by mikmod could result in arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0427 to this issue. Users of mikmod are advised to upgrade to these erratum packages, which contain backported security patches and are not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 21835 published 2006-07-03 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21835 title CentOS 3 / 4 : mikmod (CESA-2005:506) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-320.NASL description Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod. last seen 2020-06-01 modified 2020-06-02 plugin id 15157 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15157 title Debian DSA-320-1 : mikmod - buffer overflow
Oval
accepted 2013-04-29T04:03:15.362-04:00 class vulnerability contributors name Aharon Chernin organization SCAP.com, LLC name Dragos Prisaca organization G2, Inc.
definition_extensions comment The operating system installed on the system is Red Hat Enterprise Linux 3 oval oval:org.mitre.oval:def:11782 comment CentOS Linux 3.x oval oval:org.mitre.oval:def:16651 comment The operating system installed on the system is Red Hat Enterprise Linux 4 oval oval:org.mitre.oval:def:11831 comment CentOS Linux 4.x oval oval:org.mitre.oval:def:16636 comment Oracle Linux 4.x oval oval:org.mitre.oval:def:15990
description Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename. family unix id oval:org.mitre.oval:def:10194 status accepted submitted 2010-07-09T03:56:16-04:00 title Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename. version 27 accepted 2005-08-18T07:37:00.000-04:00 class vulnerability contributors name Jay Beale organization Bastille Linux description Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename. family unix id oval:org.mitre.oval:def:647 status accepted submitted 2005-06-20T12:00:00.000-04:00 title mikmod Long Filename Buffer Overflow version 3
Redhat
| advisories |
| ||||
| rpms |
|
Statements
| contributor | Mark J Cox |
| lastmodified | 2007-03-14 |
| organization | Red Hat |
| statement | Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch. |
References
- http://www.debian.org/security/2003/dsa-320
- http://www.debian.org/security/2003/dsa-320
- http://www.redhat.com/support/errata/RHSA-2005-506.html
- http://www.redhat.com/support/errata/RHSA-2005-506.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10194
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10194
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A647
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A647