Kaffeine, gxine: Remotely exploitable buffer overflow

1. Gentoo Linux Security Advisory

Advisory Reference	GLSA 200411-14 / kaffeine gxine
Release Date	November 07, 2004
Latest Revision	May 22, 2006: 02
Impact	normal
Exploitable	remote

Package	Vulnerable versions	Unaffected versions	Architecture(s)
media-video/kaffeine	< 0.5_rc1-r1	>= 0.5_rc1-r1, revision >= 0.4.3b-r1	All supported architectures
media-video/gxine	< 0.3.3-r1	>= 0.3.3-r1	All supported architectures

Related bugreports: #69663, #70055

Synopsis

Kaffeine and gxine both contain a buffer overflow that can be exploited when accessing content from a malicious HTTP server with specially crafted headers.

2. Impact Information

Background

Kaffeine and gxine are graphical front-ends for xine-lib multimedia library.

Description

KF of Secure Network Operations has discovered an overflow that occurs during the Content-Type header processing of Kaffeine. The vulnerable code in Kaffeine is reused from gxine, making gxine vulnerable as well.

Impact

An attacker could create a specially-crafted Content-type header from a malicious HTTP server, and crash a user's instance of Kaffeine or gxine, potentially allowing the execution of arbitrary code.

3. Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All Kaffeine users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/kaffeine-0.4.3b-r1"

All gxine users should upgrade to the latest version:

Code Listing 3.2: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/gxine-0.3.3-r1"

4. References

Updated November 07, 2004

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.