Detections
Analytics

Debian DSA-1273-1 : nas - several vulnerabilities

critical Nessus Plugin ID 24921

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in nas, the Network Audio System.

 - CVE-2007-1543 A stack-based buffer overflow in the accept_att_local function in server/os/connection.c in nas allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection.

 - CVE-2007-1544 An integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value.

 - CVE-2007-1545 The AddResource function in server/dia/resource.c allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID.

 - CVE-2007-1546 An array index error allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c.

 - CVE-2007-1547 The ReadRequestFromClient function in server/os/io.c allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.

Solution

Upgrade the nas package.

For the stable distribution (sarge), these problems have been fixed in version 1.7-2sarge1.

For the upcoming stable distribution (etch) and the unstable distribution (sid) these problems have been fixed in version 1.8-4.

See Also

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416038

https://security-tracker.debian.org/tracker/CVE-2007-1543

https://security-tracker.debian.org/tracker/CVE-2007-1544

https://security-tracker.debian.org/tracker/CVE-2007-1545

https://security-tracker.debian.org/tracker/CVE-2007-1546

https://security-tracker.debian.org/tracker/CVE-2007-1547

http://www.debian.org/security/2007/dsa-1273

Plugin Details

Severity: Critical

ID: 24921

File Name: debian_DSA-1273.nasl

Version: 1.19

Type: local

Agent: unix

Published: 4/5/2007

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:nas, cpe:/o:debian:debian_linux:3.1

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 3/27/2007

Vulnerability Publication Date: 3/19/2007

Reference Information

CVE: CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546, CVE-2007-1547

BID: 23017

DSA: 1273