Vulnerabilities > CVE-2009-0179 - Remote Denial of Service vulnerability in libmikmod '.XM' File
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
Vulnerable Configurations
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_1_LIBMIKMOD-090227.NASL description Specially crafted XM files or playing mod files with varying number of channels could crash applications using libmikmod (CVE-2009-0179, CVE-2007-6720). last seen 2020-06-01 modified 2020-06-02 plugin id 40257 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40257 title openSUSE Security Update : libmikmod (libmikmod-570) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update libmikmod-570. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(40257); script_version("1.10"); script_cvs_date("Date: 2019/10/25 13:36:35"); script_cve_id("CVE-2007-6720", "CVE-2009-0179"); script_name(english:"openSUSE Security Update : libmikmod (libmikmod-570)"); script_summary(english:"Check for the libmikmod-570 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Specially crafted XM files or playing mod files with varying number of channels could crash applications using libmikmod (CVE-2009-0179, CVE-2007-6720)." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=468760" ); script_set_attribute( attribute:"solution", value:"Update the affected libmikmod packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmikmod"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmikmod-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmikmod-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1"); script_set_attribute(attribute:"patch_publication_date", value:"2009/02/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.1", reference:"libmikmod-3.1.11a-71.56.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"libmikmod-devel-3.1.11a-71.56.1") ) flag++; if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"libmikmod-32bit-3.1.11a-71.56.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmikmod / libmikmod-32bit / libmikmod-devel"); }NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-995-1.NASL description It was discovered that libMikMod incorrectly handled songs with different channel counts. If a user were tricked into opening a crafted song file, an attacker could cause a denial of service. (CVE-2007-6720) It was discovered that libMikMod incorrectly handled certain malformed XM files. If a user were tricked into opening a crafted XM file, an attacker could cause a denial of service. (CVE-2009-0179) It was discovered that libMikMod incorrectly handled certain malformed Impulse Tracker files. If a user were tricked into opening a crafted Impulse Tracker file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3995, CVE-2010-2546, CVE-2010-2971) It was discovered that libMikMod incorrectly handled certain malformed Ultratracker files. If a user were tricked into opening a crafted Ultratracker file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3996). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 49764 published 2010-10-06 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49764 title Ubuntu 8.04 LTS / 9.04 / 9.10 : libmikmod vulnerabilities (USN-995-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-995-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(49764); script_version("1.15"); script_cvs_date("Date: 2019/09/19 12:54:26"); script_cve_id("CVE-2007-6720", "CVE-2009-0179", "CVE-2009-3995", "CVE-2009-3996", "CVE-2009-3997", "CVE-2010-2546", "CVE-2010-2971"); script_bugtraq_id(33235, 33240, 37374, 41917, 42464); script_xref(name:"USN", value:"995-1"); script_name(english:"Ubuntu 8.04 LTS / 9.04 / 9.10 : libmikmod vulnerabilities (USN-995-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "It was discovered that libMikMod incorrectly handled songs with different channel counts. If a user were tricked into opening a crafted song file, an attacker could cause a denial of service. (CVE-2007-6720) It was discovered that libMikMod incorrectly handled certain malformed XM files. If a user were tricked into opening a crafted XM file, an attacker could cause a denial of service. (CVE-2009-0179) It was discovered that libMikMod incorrectly handled certain malformed Impulse Tracker files. If a user were tricked into opening a crafted Impulse Tracker file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3995, CVE-2010-2546, CVE-2010-2971) It was discovered that libMikMod incorrectly handled certain malformed Ultratracker files. If a user were tricked into opening a crafted Ultratracker file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3996). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/995-1/" ); script_set_attribute( attribute:"solution", value:"Update the affected libmikmod2 and / or libmikmod2-dev packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(119, 189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmikmod2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmikmod2-dev"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/01/20"); script_set_attribute(attribute:"patch_publication_date", value:"2010/09/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/10/06"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(8\.04|9\.04|9\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04 / 9.04 / 9.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"8.04", pkgname:"libmikmod2", pkgver:"3.1.11-6ubuntu3.8.04.1")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"libmikmod2-dev", pkgver:"3.1.11-a-6ubuntu3.8.04.1")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"libmikmod2", pkgver:"3.1.11-6ubuntu3.9.04.1")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"libmikmod2-dev", pkgver:"3.1.11-a-6ubuntu3.9.04.1")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"libmikmod2", pkgver:"3.1.11-6ubuntu4.1")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"libmikmod2-dev", pkgver:"3.1.11-a-6ubuntu4.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmikmod2 / libmikmod2-dev"); }NASL family Fedora Local Security Checks NASL id FEDORA_2009-9112.NASL description - Fri Aug 28 2009 Jindrich Novy <jnovy at redhat.com> 3.2.0-5.beta2 - fix CVE-2007-6720 (#479829) - fix CVE-2009-0179 (#479833) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 40810 published 2009-08-31 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40810 title Fedora 11 : libmikmod-3.2.0-5.beta2.fc11 (2009-9112) NASL family Fedora Local Security Checks NASL id FEDORA_2009-9095.NASL description - Fri Aug 28 2009 Jindrich Novy <jnovy at redhat.com> 3.2.0-4.beta2 - fix CVE-2007-6720 (#479829) - fix CVE-2009-0179 (#479833) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 40809 published 2009-08-31 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40809 title Fedora 10 : libmikmod-3.2.0-4.beta2.fc10 (2009-9095) NASL family SuSE Local Security Checks NASL id SUSE9_12359.NASL description Specially crafted XM files or playing mod files with varying number of channels could crash applications using libmikmod. (CVE-2009-0179, CVE-2007-6720) last seen 2020-06-01 modified 2020-06-02 plugin id 41282 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41282 title SuSE9 Security Update : libmikmod (YOU Patch Number 12359) NASL family SuSE Local Security Checks NASL id SUSE_LIBMIKMOD-6034.NASL description Specially crafted XM files or playing mod files with varying number of channels could crash applications using libmikmod. (CVE-2009-0179 / CVE-2007-6720) last seen 2020-06-01 modified 2020-06-02 plugin id 41545 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41545 title SuSE 10 Security Update : libmikmod (ZYPP Patch Number 6034) NASL family Solaris Local Security Checks NASL id SOLARIS11_LIBMIKMOD_20140114.NASL description The remote Solaris system is missing necessary patches to address security updates : - libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file. (CVE-2009-0179) last seen 2020-06-01 modified 2020-06-02 plugin id 80672 published 2015-01-19 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80672 title Oracle Solaris Third-Party Patch Update : libmikmod (cve_2009_0179_denial_of) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2009-272.NASL description Multiple vulnerabilities has been found and corrected in libmikmod : libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels (CVE-2007-6720). libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file (CVE-2009-0179). This update fixes these vulnerabilities. Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers last seen 2020-06-01 modified 2020-06-02 plugin id 42097 published 2009-10-13 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/42097 title Mandriva Linux Security Advisory : libmikmod (MDVSA-2009:272-1) NASL family SuSE Local Security Checks NASL id SUSE_LIBMIKMOD-6033.NASL description Specially crafted XM files or playing mod files with varying number of channels could crash applications using libmikmod (CVE-2009-0179, CVE-2007-6720). last seen 2020-06-01 modified 2020-06-02 plugin id 35759 published 2009-03-03 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35759 title openSUSE 10 Security Update : libmikmod (libmikmod-6033) NASL family SuSE Local Security Checks NASL id SUSE_11_0_LIBMIKMOD-090227.NASL description Specially crafted XM files or playing mod files with varying number of channels could crash applications using libmikmod (CVE-2009-0179, CVE-2007-6720). last seen 2020-06-01 modified 2020-06-02 plugin id 40025 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40025 title openSUSE Security Update : libmikmod (libmikmod-570)
Statements
| contributor | Tomas Hoger |
| lastmodified | 2009-01-21 |
| organization | Red Hat |
| statement | Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-0179 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/ |
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339
- http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html
- http://openwall.com/lists/oss-security/2009/01/13/2
- http://secunia.com/advisories/34259
- http://www.securityfocus.com/bid/33240
- https://bugzilla.redhat.com/show_bug.cgi?id=479833
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01305.html
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01312.html