Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 RTSP:OVERFLOW:STREAMCOUNT

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 RTSP

Keywords

 MPlayer StreamCount RTSP Integer Overflow

Release Date

 2008/05/06

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

RTSP: MPlayer StreamCount RTSP Integer Overflow


This signature detects attempts to exploit a known vulnerability in MPlayer. A successful attack can lead to a integer overflow and arbitrary remote code execution within the context of the target program.

Extended Description

MPlayer is prone to an interger-overflow vulnerability because it fails to perform adequate checks on externally supplied input. Attackers can leverage this vulnerability to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Affected Products

  • Debian Linux 4.0
  • Debian Linux 4.0 Alpha
  • Debian Linux 4.0 Amd64
  • Debian Linux 4.0 Arm
  • Debian Linux 4.0 Hppa
  • Debian Linux 4.0 Ia-32
  • Debian Linux 4.0 Ia-64
  • Debian Linux 4.0 M68k
  • Debian Linux 4.0 Mips
  • Debian Linux 4.0 Mipsel
  • Debian Linux 4.0 Powerpc
  • Debian Linux 4.0 S/390
  • Debian Linux 4.0 Sparc
  • Gentoo Linux
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2008.1
  • Mandriva Linux Mandrake 2008.1 X86 64
  • MPlayer 0.90.0
  • MPlayer 0.90.0 Pre Series
  • MPlayer 0.9.0 0Rc4
  • MPlayer 0.90.0 Rc Series
  • MPlayer 0.91.0
  • MPlayer 0.92.0
  • MPlayer 0.92.1
  • MPlayer 0 92 CVS
  • MPlayer 1.0
  • MPlayer 1.0.0 Pre1
  • MPlayer 1.0.0 Pre2
  • MPlayer 1.0.0 Pre3
  • MPlayer 1.0.0 Pre3try2
  • MPlayer 1.0.0 Pre4
  • MPlayer 1.0.0 Pre5
  • MPlayer 1.0.0 Pre5try1
  • MPlayer 1.0.0 Pre5try2
  • MPlayer 1.0.0 Pre6
  • MPlayer 1.0.0 Pre6-3.3.5-20050130
  • MPlayer 1.0.0 Pre6-R4
  • MPlayer 1.0.20060329
  • MPlayer 1.0Pre7try2
  • MPlayer 1.0 -Rc1
  • MPlayer 1.0Rc2
  • MPlayer 1.0Rc2-4.2.1

References

  • BugTraq: 28851
  • CVE: CVE-2008-1558
  • URL: http://downloads.securityfocus.com/vulnerabilities/exploits/bid28851.pl

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out