Updated mpg321 packages are available for Red Hat Linux 7.2, which fix a buffer overflow in the network streaming code as well as other bugs.
mpg321 is a GPL command-line mp3 player. It is possible for mpg321 before version 0.2.9 to segfault if given certain specifically crafted data. In the case of network streaming, this data would be remotely supplied, which could lead to remote code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0272 to this issue. It is recommended that users of mpg321 upgrade to these errata packages containing mpg321 version 0.2.10, which is not vulnerable to this issue.