Vulnerabilities > CVE-2006-6172 - Remote Buffer Overflow vulnerability in Xine-Lib RuleMatches

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
mplayer
xine
nessus

Summary

Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches.

Vulnerable Configurations

Part Description Count
Application
Mplayer
1
Application
Xine
1

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_1B043693861711DB93B2000E35248AD7.NASL
    descriptionThe libxine development team reports that several vulnerabilities had been found in the libxine library. The first vulnerability is caused by improper checking of the src/input/libreal/real.c
    last seen2020-06-01
    modified2020-06-02
    plugin id23793
    published2006-12-11
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/23793
    titleFreeBSD : libxine -- multiple buffer overflow vulnerabilities (1b043693-8617-11db-93b2-000e35248ad7)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-392-1.NASL
    descriptionA buffer overflow was discovered in the Real Media input plugin in xine-lib. If a user were tricked into loading a specially crafted stream from a malicious server, the attacker could execute arbitrary code with the user
    last seen2020-06-01
    modified2020-06-02
    plugin id27977
    published2007-11-10
    reporterUbuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27977
    titleUbuntu 5.10 / 6.06 LTS / 6.10 : xine-lib vulnerability (USN-392-1)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2006-357-05.NASL
    descriptionNew xine-lib packages are available for Slackware 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id24665
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24665
    titleSlackware 10.0 / 10.1 / 10.2 / 11.0 / 9.1 : xine-lib (SSA:2006-357-05)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2007-112.NASL
    descriptionBuffer overflow in the asmrp_eval function for the Real Media input plugin allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. Updated packages have been patched to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id25430
    published2007-06-05
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/25430
    titleMandrake Linux Security Advisory : mplayer (MDKSA-2007:112)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_B2FF68B29F2911DBA4E40211D87675B7.NASL
    descriptionA potential buffer overflow was found in the code used to handle RealMedia RTSP streams. When checking for matching asm rules, the code stores the results in a fixed-size array, but no boundary checks are performed. This may lead to a buffer overflow if the user is tricked into connecting to a malicious server. Since the attacker cannot write arbitrary data into the buffer, creating an exploit is very hard; but a DoS attack is easily made. A fix for this problem was committed to SVN on Sun Dec 31 13:27:53 2006 UTC as r21799. The fix involves three files: stream/realrtsp/asmrp.c, stream/realrtsp/asmrp.h and stream/realrtsp/real.c.
    last seen2020-06-01
    modified2020-06-02
    plugin id24007
    published2007-01-11
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/24007
    titleFreeBSD : mplayer -- buffer overflow in the code for RealMedia RTSP streams. (b2ff68b2-9f29-11db-a4e4-0211d87675b7)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200702-11.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200702-11 (MPlayer: Buffer overflow) When checking for matching asm rules in the asmrp.c code, the results are stored in a fixed-size array without boundary checks which may allow a buffer overflow. Impact : An attacker can entice a user to connect to a manipulated RTSP server resulting in a Denial of Service and possibly execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id24731
    published2007-02-28
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24731
    titleGLSA-200702-11 : MPlayer: Buffer overflow
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200612-02.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200612-02 (xine-lib: Buffer overflow) A possible buffer overflow has been reported in the Real Media input plugin. Impact : An attacker could exploit this vulnerability by enticing a user into loading a specially crafted stream with xine or an application using xine-lib. This can lead to a Denial of Service and possibly the execution of arbitrary code with the rights of the user running the application. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id23796
    published2006-12-11
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23796
    titleGLSA-200612-02 : xine-lib: Buffer overflow
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-224.NASL
    descriptionBuffer overflow in the asmrp_eval function for the Real Media input plugin allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. Updated packages have been patched to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id24608
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24608
    titleMandrake Linux Security Advisory : xine-lib (MDKSA-2006:224)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1244.NASL
    descriptionIt was discovered that the Xine multimedia library performs insufficient sanitising of Real streams, which might lead to the execution of arbitrary code through a buffer overflow.
    last seen2020-06-01
    modified2020-06-02
    plugin id23949
    published2006-12-30
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23949
    titleDebian DSA-1244-1 : xine-lib - buffer overflow