[Debian] Schwachstelle in SoX - DSA 565-1

win-sec-ssc at dfn-cert.de win-sec-ssc at dfn-cert.de
Thu Oct 14 17:06:04 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----

Liebe Kolleginnen und Kollegen,

soeben erreichte uns nachfolgende Warnung des Debian-Teams. Wir geben
diese Informationen unveraendert an Sie weiter.

SoX ist ein Programmpaket zur Bearbeitung und zum Abspielen von
Audiodaten.

CAN-2004-0557 - Buffer Overflows beim Abspielen von ".wav"-Dateien

  Im Programm SoX kann beim Abspielen von ".wav"-Dateien ein Buffer
  Overflow in der Funktion st_wavstartread() ausgeloest werden. Ein
  lokaler Angreifer kann diese Schwachstelle dazu ausnutzen, beliebigen
  Code mit den Privilegien des Benutzers auszufuehren, der SoX
  aufgerufen hat, indem er den Benutzer dazu bringt, eine vom ihm
  entsprechend konstruierte ".wav"-Datei abzuspielen.


Betroffen sind die folgenden Software Pakete und Plattformen:

  Pakey sox in stable Distribution (woody) vor Version 12.17.3-4woody2
  Pakey sox in unstable Distribution (sid) vor Version 12.17.4-9

Vom Hersteller werden ueberarbeitete Pakete zur Verfuegung gestellt.

(c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
gestattet.

Mit freundlichen Gruessen,


           Jan Kohlrausch, DFN-CERT

- --
Jan Kohlrausch (CSIRT), DFN-CERT Services GmbH
Web: https://www.dfn-cert.de/, Phone: +49-40-808077-555
PGP RSA/2048, A5DD03D1, A2 55 1C 51 0A 30 3E 78  5B 40 DA B7 14 F7 C9 E8


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 565-1                     security at debian.org
http://www.debian.org/security/                             Martin Schulze
October 13th, 2004                      http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : sox
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0557
Debian Bug     : 262083

Ulf Harnhammar has reported two vulnerabilities in SoX, a universal
sound sample translator, which may be exploited by malicious people to
compromise a user's system with a specially crafted .wav file.

For the stable distribution (woody) these problems have been fixed in
version 12.17.3-4woody2.

For the unstable distribution (sid) these problems have been fixed in
version 12.17.4-9.

We recommend that you upgrade your sox package.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2.dsc
      Size/MD5 checksum:      591 cb5fec82f02cd32b80faebe304ce520b
    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2.diff.gz
      Size/MD5 checksum:     7416 c3cc69a3e01c562f19ae87e1db396698
    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3.orig.tar.gz
      Size/MD5 checksum:   402599 23b6a2f9f225eebc30d85ec9e1af54a4

  Alpha architecture:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2_alpha.deb
      Size/MD5 checksum:   336076 678c3efb9398209c0eaa81837c399476
    http://security.debian.org/pool/updates/main/s/sox/sox-dev_12.17.3-4woody2_alpha.deb
      Size/MD5 checksum:   193074 f79000b7567eb00ed31500e0aae44d72

  ARM architecture:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2_arm.deb
      Size/MD5 checksum:   260592 43e3adc88d20838848bf259eef1e5663
    http://security.debian.org/pool/updates/main/s/sox/sox-dev_12.17.3-4woody2_arm.deb
      Size/MD5 checksum:   151582 eec28d453add90289b07c85114077131

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2_i386.deb
      Size/MD5 checksum:   241232 0cbd8714254f8e3383addbf3d1f21cfa
    http://security.debian.org/pool/updates/main/s/sox/sox-dev_12.17.3-4woody2_i386.deb
      Size/MD5 checksum:   136726 369d2b13579121a95fbe30a32aee7b05

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2_ia64.deb
      Size/MD5 checksum:   400464 4e7c9d20cd13130e042724943f77671a
    http://security.debian.org/pool/updates/main/s/sox/sox-dev_12.17.3-4woody2_ia64.deb
      Size/MD5 checksum:   218374 332c9f352a2e338a23fb10d29844b3f0

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2_hppa.deb
      Size/MD5 checksum:   305896 d4b2682a2394366c1c483442c81841d9
    http://security.debian.org/pool/updates/main/s/sox/sox-dev_12.17.3-4woody2_hppa.deb
      Size/MD5 checksum:   180884 bc5af7ce55b676059bba44321cfaf0e1

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2_m68k.deb
      Size/MD5 checksum:   220024 46f468987f21d4a6c68f52e7c84c86ff
    http://security.debian.org/pool/updates/main/s/sox/sox-dev_12.17.3-4woody2_m68k.deb
      Size/MD5 checksum:   127202 be81e1633da5ee7820446c07e2ee614e

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2_mips.deb
      Size/MD5 checksum:   291090 6a7727dc32a9b26e13a887e88ff09394
    http://security.debian.org/pool/updates/main/s/sox/sox-dev_12.17.3-4woody2_mips.deb
      Size/MD5 checksum:   167998 af42bc50dc7bc7bc5fbdbc00e03fd630

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2_mipsel.deb
      Size/MD5 checksum:   290876 0e0a0cbf78f40bd6dd97593bdf4b1871
    http://security.debian.org/pool/updates/main/s/sox/sox-dev_12.17.3-4woody2_mipsel.deb
      Size/MD5 checksum:   168254 79ff397a577a8e1c5eb51d88f51d00d3

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2_powerpc.deb
      Size/MD5 checksum:   269022 fc13fb341a3dcf15492d07be291dcb38
    http://security.debian.org/pool/updates/main/s/sox/sox-dev_12.17.3-4woody2_powerpc.deb
      Size/MD5 checksum:   166164 46508fb11779d0fa9467b1c70687c054

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2_s390.deb
      Size/MD5 checksum:   254254 c549fb32a18e22aba4361f22c645a66c
    http://security.debian.org/pool/updates/main/s/sox/sox-dev_12.17.3-4woody2_s390.deb
      Size/MD5 checksum:   140188 4f632838362fdbdb5762e311c37edfc5

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/s/sox/sox_12.17.3-4woody2_sparc.deb
      Size/MD5 checksum:   261678 dfe2049b353134fd6f817fe5dba6670d
    http://security.debian.org/pool/updates/main/s/sox/sox-dev_12.17.3-4woody2_sparc.deb
      Size/MD5 checksum:   153940 6eb8611b2ef1e7f70d5992af4f3ab687


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBbS7rW5ql+IAeqTIRAmoLAJ0RCtf3Rs7ENWaTk7ht4ACreTolBQCeIdyb
2UJd1pud7oDRU4u+Z/wvX00=
=XhLw
- -----END PGP SIGNATURE-----


- -- 
To UNSUBSCRIBE, email to debian-security-announce-REQUEST at lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster at lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (SunOS)
Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/>

iQEVAwUBQW6VMeI9ttyl3QPRAQGhgwgAlcXguAvcvhd17ImIRxwTd0yiK0VwvEBg
1SW+ygtYvQYsa0shFRuDKpELwzAzzNJSvtGP43Hid10csRAdm/iGrWy9s8SiPiJ2
UgmzjxkRlnRLsTxWYawJIKz0YowFLvsygABS+a/y7kMUcWHPEW60/hv6m0m1iz5w
2dpfODDgm+u3oaTJXYsA4koZwV9FXnTmdHXNudol6yKaRgL28A8dDoJy2jWInRSH
FXX0HsTnfLaiF5dALwFcitf5QltpGW7e8TroPWNcIdAlc286eZrFVhy8shwu5R9n
NTex82KbaPPHc+sD+wjWO/FsDX61LTfupLOJDw6isAK0Ca/CDXmVeg==
=0onU
-----END PGP SIGNATURE-----




More information about the Security-Announce mailing list