Vulnerabilities > CVE-2006-2802 - Buffer Overflow vulnerability in Xine-Lib HTTP Response

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
xine
nessus
exploit available

Summary

Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.

Vulnerable Configurations

Part Description Count
Application
Xine
5

Exploit-Db

descriptiongxine 0.5.6 (HTTP Plugin) Remote Buffer Overflow PoC. CVE-2006-2802. Dos exploit for linux platform
fileexploits/linux/dos/1852.c
idEDB-ID:1852
last seen2016-01-31
modified2006-05-30
platformlinux
port
published2006-05-30
reporterFederico L. Bossi Bonin
sourcehttps://www.exploit-db.com/download/1852/
titlegxine 0.5.6 HTTP Plugin Remote Buffer Overflow PoC
typedos

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-174.NASL
    descriptionGstreamer-ffmpeg uses an embedded copy of ffmpeg and as such has been updated to address the following issue: Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802. Updated packages have been patched to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id24560
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24560
    titleMandrake Linux Security Advisory : gstreamer-ffmpeg (MDKSA-2006:174)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200609-08.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200609-08 (xine-lib: Buffer overflows) xine-lib contains buffer overflows in the processing of AVI. Additionally, xine-lib is vulnerable to a buffer overflow in the HTTP plugin (xineplug_inp_http.so) via a long reply from an HTTP server. Impact : An attacker could trigger the buffer overflow vulnerabilities by enticing a user to load a specially crafted AVI file in xine. This might result in the execution of arbitrary code with the rights of the user running xine. Additionally, a remote HTTP server serving a xine client a specially crafted reply could crash xine and possibly execute arbitrary code. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id22353
    published2006-09-15
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22353
    titleGLSA-200609-08 : xine-lib: Buffer overflows
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_107E2EE5F94111DAB1FA020039488E34.NASL
    descriptionA Secunia Advisory reports : Federico L. Bossi Bonin has discovered a weakness in xine-lib, which can be exploited by malicious people to crash certain applications on a user
    last seen2020-06-01
    modified2020-06-02
    plugin id21700
    published2006-06-16
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/21700
    titleFreeBSD : libxine -- buffer overflow vulnerability (107e2ee5-f941-11da-b1fa-020039488e34)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-295-1.NASL
    descriptionFederico L. Bossi Bonin discovered a buffer overflow in the HTTP input module. By tricking an user into opening a malicious remote media location, a remote attacker could exploit this to crash Xine library frontends (like totem-xine, gxine, or xine-ui) and possibly even execute arbitrary code with the user
    last seen2020-06-01
    modified2020-06-02
    plugin id27867
    published2007-11-10
    reporterUbuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27867
    titleUbuntu 5.04 / 5.10 / 6.06 LTS : xine-lib vulnerability (USN-295-1)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1105.NASL
    descriptionFederico L. Bossi Bonin discovered a buffer overflow in the HTTP Plugin in xine-lib, the xine video/media player library, that could allow a remote attacker to cause a denial of service.
    last seen2020-06-01
    modified2020-06-02
    plugin id22647
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22647
    titleDebian DSA-1105-1 : xine-lib - buffer overflow
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-176.NASL
    descriptionXine-lib uses an embedded copy of ffmpeg and as such has been updated to address the following issue: Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802. Updated packages have been patched to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id24562
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24562
    titleMandrake Linux Security Advisory : xine-lib (MDKSA-2006:176)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_XINE-LIB-1599.NASL
    descriptionMissing length checks in the HTTP plugin could lead to a buffer overflow on the heap (CVE-2006-2802).
    last seen2020-06-01
    modified2020-06-02
    plugin id27484
    published2007-10-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27484
    titleopenSUSE 10 Security Update : xine-lib (xine-lib-1599)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-173.NASL
    descriptionMultiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802. Updated packages have been patched to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id24559
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24559
    titleMandrake Linux Security Advisory : ffmpeg (MDKSA-2006:173)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-108.NASL
    descriptionA buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6. (CVE-2006-2802) In addition, a possible buffer overflow exists in the AVI demuxer, similar in nature to CVE-2006-1502 for MPlayer. The Corporate 3 release of xine-lib does not have this issue. The updated packages have been patched to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id21752
    published2006-06-24
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/21752
    titleMandrake Linux Security Advisory : xine-lib (MDKSA-2006:108)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2006-207-04.NASL
    descriptionNew xine-lib packages are available for Slackware 10.2 and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id22101
    published2006-07-28
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22101
    titleSlackware 10.2 / current : xine-lib (SSA:2006-207-04)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-175.NASL
    descriptionMplayer uses an embedded copy of ffmpeg and as such has been updated to address the following issue: Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802. Updated packages have been patched to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id24561
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24561
    titleMandrake Linux Security Advisory : mplayer (MDKSA-2006:175)