Bug#480724: vlc: local privilege escalation

Nico Golde nion at debian.org
Sun May 11 18:36:32 UTC 2008


Package: vlc
Severity: grave
Tags: security patch

Hi,
vlc is vulnerable to a local privilege escalation[0]:
| At startup, VLC recursively scans the modules/ and plugins/ subdirectories from
| the current working directory, and tries to execute the vlc_entry__0_8_6 (or
| another in other VLC versions) symbol from any file matching the
| "lib*_plugin.so" pattern.

An attacker could use this to execute code by providing a crafted library file.

Patch: http://git.videolan.org/?p=vlc.git;a=commit;h=c7cef4fdd8dd72ce0a45be3cda8ba98df5e83181

This issue doesn't have a CVE id yet, I already request one and will update
this bug report if I got it.

Make sure to use it on your changelog then if you close the bug.

[0] https://trac.videolan.org/vlc/ticket/1578

Kind regards
Nico
-- 
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20080511/5886aaa5/attachment.pgp 


More information about the pkg-multimedia-maintainers mailing list