[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-1597 mt-daapd -- multiple vulnerabilities

ID: oval:org.mitre.oval:def:8291Date: (C)2009-12-15   (M)2021-06-02
Class: PATCHFamily: unix




Three vulnerabilities have been discovered in the mt-daapd DAAP audio server (also known as the Firefly Media Server). The Common Vulnerabilities and Exposures project identifies the following three problems: Insufficient validation and bounds checking of the Authorization: HTTP header enables a heap buffer overflow, potentially enabling the execution of arbitrary code. Format string vulnerabilities in debug logging within the authentication of XML-RPC requests could enable the execution of arbitrary code. An integer overflow weakness in the handling of HTTP POST variables could allow a heap buffer overflow and potentially arbitrary code execution.

Platform:
Debian 4.0
Product:
mt-daapd
Reference:
DSA-1597
CVE-2007-5824
CVE-2007-5825
CVE-2008-1771
CVE    3
CVE-2007-5824
CVE-2007-5825
CVE-2008-1771
CPE    1
cpe:/o:debian:debian_linux:4.0

© SecPod Technologies