Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2004-409: sox

Vulnerability Assessment Details

RHSA-2004-409: sox
Vulnerability Assessment Summary
Check for the version of the sox packages

Detailed Explanation for this Vulnerability Assessment


Updated sox packages that fix buffer overflows in the WAV file handling
code are now available.

SoX (Sound eXchange) is a sound file format converter. SoX can convert
between many different digitized sound formats and perform simple sound
manipulation functions, including sound effects.

Buffer overflows existed in the parsing of WAV file header fields. It was
possible that a malicious WAV file could have caused arbitrary code to be
executed when the file was played or converted. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0557
to these issues.

All users of sox should upgrade to these updated packages, which resolve
these issues as well as fix a number of minor bugs.




Solution : http://rhn.redhat.com/errata/RHSA-2004-409.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security
Cables, Connectors


Cisco SG110 24 Port Gigabit Ethernet Switch w/ 2 x SFP SG110-24 picture

Cisco SG110 24 Port Gigabit Ethernet Switch w/ 2 x SFP SG110-24

$117.00


Cisco SF350-08 8-Port Managed 10/100 Switch SF350-08-K9-NA picture

Cisco SF350-08 8-Port Managed 10/100 Switch SF350-08-K9-NA

$164.00


Cisco SG350X-48MP 48 Port Layer 3 Gigabit PoE Ethernet Switch SG350X-48MP-K9-NA picture

Cisco SG350X-48MP 48 Port Layer 3 Gigabit PoE Ethernet Switch SG350X-48MP-K9-NA

$900.00


For Dell R540 R440 on-board network card dual-port 10g sfp+brodcom 57412 GVXF4 picture

For Dell R540 R440 on-board network card dual-port 10g sfp+brodcom 57412 GVXF4

$102.98


Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module 10-2415-03 picture

Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module 10-2415-03

$8.00


NEW Sealed Cisco SFP-10G-LR 10GBASE-LR SFP+ 1310nm 10km *US Shipping* picture

NEW Sealed Cisco SFP-10G-LR 10GBASE-LR SFP+ 1310nm 10km *US Shipping*

$18.00


Brand New Cisco GLC-LH-SMD 1000BASE-LX/LH SFP Module 1310nm 10km SMF LC picture

Brand New Cisco GLC-LH-SMD 1000BASE-LX/LH SFP Module 1310nm 10km SMF LC

$13.89


Genuine Cisco ‎SFP-10G-SR Transceiver Module (10-2415-03) picture

Genuine Cisco ‎SFP-10G-SR Transceiver Module (10-2415-03)

$5.85


LOT OF 20 Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module picture

LOT OF 20 Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module

$89.00


Cisco 10G SFP+ Module SFP-10G-SR 10-2415-03 (Lot of 5) picture

Cisco 10G SFP+ Module SFP-10G-SR 10-2415-03 (Lot of 5)

$24.99


Discussions

No Discussions have been posted on this vulnerability.