domingo, 8 de marzo de 2009

flv2mpeg4: Malformed parameters Denial of Service

flv2mpeg4bug.txt.asc

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
Sun Mar 8 21:06:34 CST 2009 Heuristics and Exploiting Vulnerabilities
elhacker.net

Topic: flv2mpeg4: Malformed parameters Denial of Service

======================================================================

Table of Contents

1- Affected Software.
2- Background.
3- Problem Description.
4- Severity
5- Solution
6- Time Table
7- Credits
8- About elhacker.net

======================================================================
1) Affected Software

flv2mpeg4 v1.1

Prior versions may also be affected.

======================================================================
2) Background

flv2mpeg4 allows you convert a Flash Video / FLV file (YouTube's videos,etc)
to MPEG4 (AVI/MOV/MP4/MP3/3GP) file online. It is using a compressed domain
transcoder technology (outline in Japanese). It converts FLV to MPEG4 faster
and less lossy than a typical transcoder.

http://www.freebsd.org/cgi/url.cgi?ports/multimedia/flv2mpeg4/pkg-descr

======================================================================
3) Problem Description

As we can see flv2mpeg4 receives 2 parameters the first is expected to be
a flv file and second mpeg4 (AVI/MOV/MP4/MP3/3GP), the problem is a clerical
error in the parameters or a parameter poorly trained, causing the
application to stop running unexpectedly

for example:

Anon@localhost % flv2mpeg4 Video.flv Video.mpg
Segmentation fault (core dumped)

in this mpg extension is incorrect

Anon@localhost % flv2mpeg4 Video.flv `perl -e '{print "A"x4000,".avi"}'`
Segmentation fault (core dumped)

Although the extension is correct in this case, does not allow such a long
file name

======================================================================
4) Severity

Rating: Very low risk
Impact: Denial of service
Where: Local

======================================================================
5) Solution

Run flv2mpeg4 done correctly with the parameters in order

======================================================================
6) Time Table

22/12/2008 - Vendor notified.
23/12/2008 - Vendor response.
08/03/2009 - Public disclosure.

======================================================================
7) Credits

Discovered by Anon, elhacker.net

======================================================================
8) About elhacker.net

Overall objective of the forum elhacker.net
Promote research and encourage the dissemination of knowledge by providing
a means of information, protecting and fighting for their freedom.

Subforum Heuristics and exploitation of vulnerabilities.
Following the overall objective of the forum, subforum Heuristics and
exploitation of vulnerabilities (Bugs and Exploits), aims at promoting
research into techniques for detection and exploitation of vulnerabilities
in any operating system or program that might allow the execution of
arbitrary code, or any other means which violate the confidentiality,
integrity, or availability of information.

http://foro.elhacker.net/
http://foro.elhacker.net/bugs_y_exploits-b32.0/

=============================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (FreeBSD)

iEYEARECAAYFAkm0mE4ACgkQd963iVkvICn7GQCeIonHNhFV/pdu7uvuZG4ucq+A
lMEAoIEDL8JsG1mbb2RrAutEN2TaXs/5
=mi4f
-----END PGP SIGNATURE-----
--
- Anon

No hay comentarios:

Populares Siempre