ID CVE-2005-0020
Summary Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.
References
Vulnerable Configurations
  • cpe:2.3:a:playmidi:playmidi:2.3.1
    cpe:2.3:a:playmidi:playmidi:2.3.1
  • cpe:2.3:a:playmidi:playmidi:2.3.10
    cpe:2.3:a:playmidi:playmidi:2.3.10
  • cpe:2.3:a:playmidi:playmidi:2.3.11
    cpe:2.3:a:playmidi:playmidi:2.3.11
  • cpe:2.3:a:playmidi:playmidi:2.3.12
    cpe:2.3:a:playmidi:playmidi:2.3.12
  • cpe:2.3:a:playmidi:playmidi:2.3.13
    cpe:2.3:a:playmidi:playmidi:2.3.13
  • cpe:2.3:a:playmidi:playmidi:2.3.14
    cpe:2.3:a:playmidi:playmidi:2.3.14
  • cpe:2.3:a:playmidi:playmidi:2.3.15
    cpe:2.3:a:playmidi:playmidi:2.3.15
  • cpe:2.3:a:playmidi:playmidi:2.3.16
    cpe:2.3:a:playmidi:playmidi:2.3.16
  • cpe:2.3:a:playmidi:playmidi:2.3.17
    cpe:2.3:a:playmidi:playmidi:2.3.17
  • cpe:2.3:a:playmidi:playmidi:2.3.18
    cpe:2.3:a:playmidi:playmidi:2.3.18
  • cpe:2.3:a:playmidi:playmidi:2.3.19
    cpe:2.3:a:playmidi:playmidi:2.3.19
  • cpe:2.3:a:playmidi:playmidi:2.3.2
    cpe:2.3:a:playmidi:playmidi:2.3.2
  • cpe:2.3:a:playmidi:playmidi:2.3.20
    cpe:2.3:a:playmidi:playmidi:2.3.20
  • cpe:2.3:a:playmidi:playmidi:2.3.21
    cpe:2.3:a:playmidi:playmidi:2.3.21
  • cpe:2.3:a:playmidi:playmidi:2.3.22
    cpe:2.3:a:playmidi:playmidi:2.3.22
  • cpe:2.3:a:playmidi:playmidi:2.3.23
    cpe:2.3:a:playmidi:playmidi:2.3.23
  • cpe:2.3:a:playmidi:playmidi:2.3.24
    cpe:2.3:a:playmidi:playmidi:2.3.24
  • cpe:2.3:a:playmidi:playmidi:2.3.25
    cpe:2.3:a:playmidi:playmidi:2.3.25
  • cpe:2.3:a:playmidi:playmidi:2.3.25.1
    cpe:2.3:a:playmidi:playmidi:2.3.25.1
  • cpe:2.3:a:playmidi:playmidi:2.3.26
    cpe:2.3:a:playmidi:playmidi:2.3.26
  • cpe:2.3:a:playmidi:playmidi:2.3.3
    cpe:2.3:a:playmidi:playmidi:2.3.3
  • cpe:2.3:a:playmidi:playmidi:2.3.4
    cpe:2.3:a:playmidi:playmidi:2.3.4
  • cpe:2.3:a:playmidi:playmidi:2.3.5
    cpe:2.3:a:playmidi:playmidi:2.3.5
  • cpe:2.3:a:playmidi:playmidi:2.3.6
    cpe:2.3:a:playmidi:playmidi:2.3.6
  • cpe:2.3:a:playmidi:playmidi:2.3.7
    cpe:2.3:a:playmidi:playmidi:2.3.7
  • cpe:2.3:a:playmidi:playmidi:2.3.8
    cpe:2.3:a:playmidi:playmidi:2.3.8
  • cpe:2.3:a:playmidi:playmidi:2.3.9
    cpe:2.3:a:playmidi:playmidi:2.3.9
  • MandrakeSoft Mandrake Linux 10.0
    cpe:2.3:o:mandrakesoft:mandrake_linux:10.0
  • cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:-:amd64
    cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:-:amd64
  • MandrakeSoft Mandrake Linux 10.1
    cpe:2.3:o:mandrakesoft:mandrake_linux:10.1
  • cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:-:x86_64
    cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:-:x86_64
  • MandrakeSoft Mandrake Corporate Server 3.0
    cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0
CVSS
Base: 7.2 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-010.NASL
    description Erik Sjolund discovered a buffer overflow in playmidi that could be exploited by a local attacker if installed setuid root. Note that by default Mandrakelinux does not ship playmidi installed setuid root.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 16219
    published 2005-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16219
    title Mandrake Linux Security Advisory : playmidi (MDKSA-2005:010)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-641.NASL
    description Erik Sjolund discovered that playmidi, a MIDI player, contains a setuid root program with a buffer overflow that can be exploited by a local attacker.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 16181
    published 2005-01-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16181
    title Debian DSA-641-1 : playmidi - buffer overflow
refmap via4
bid 12274
debian DSA-641
mandrake MDKSA-2005:010
osvdb 13049
sectrack 1012957
secunia
  • 13828
  • 13890
  • 13898
xf playmidi-bo(18933)
Last major update 10-09-2008 - 15:34
Published 14-04-2005 - 00:00
Last modified 10-07-2017 - 21:32
Back to Top