Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
16 vulnerabilities by radscan
CVE-2013-4258 (GCVE-0-2013-4258)
Vulnerability from nvd – Published: 2013-10-09 14:44 – Updated: 2024-08-06 16:38
VLAI
EPSS
VEX
Summary
Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/61852 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2013/08/19/3 | mailing-listx_refsource_MLIST |
| http://radscan.com/pipermail/nas/2013-August/0012… | mailing-listx_refsource_MLIST |
| http://radscan.com/pipermail/nas/2013-August/0012… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2013/08/16/2 | mailing-listx_refsource_MLIST |
| http://www.debian.org/security/2013/dsa-2771 | vendor-advisoryx_refsource_DEBIAN |
| http://sourceforge.net/mailarchive/forum.php?thre… | mailing-listx_refsource_MLIST |
Date Public
2012-01-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61852",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61852"
},
{
"name": "[oss-security] 20130819 Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
},
{
"name": "[nas] 20130807 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html"
},
{
"name": "[nas] 20130808 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001277.html"
},
{
"name": "[oss-security] 20130816 CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
},
{
"name": "DSA-2771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2771"
},
{
"name": "[nas-commits] 20120122 SF.net SVN: nas:[285] trunk/server/os/aulog.c",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=E1Rp1rP-00038Z-VJ%40sfp-svn-6.v30.ch3.sourceforge.com\u0026forum_name=nas-commits"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "61852",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61852"
},
{
"name": "[oss-security] 20130819 Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
},
{
"name": "[nas] 20130807 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html"
},
{
"name": "[nas] 20130808 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001277.html"
},
{
"name": "[oss-security] 20130816 CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
},
{
"name": "DSA-2771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2771"
},
{
"name": "[nas-commits] 20120122 SF.net SVN: nas:[285] trunk/server/os/aulog.c",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=E1Rp1rP-00038Z-VJ%40sfp-svn-6.v30.ch3.sourceforge.com\u0026forum_name=nas-commits"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4258",
"datePublished": "2013-10-09T14:44:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:38:01.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4256 (GCVE-0-2013-4256)
Vulnerability from nvd – Published: 2013-10-09 14:44 – Updated: 2024-08-06 16:38
VLAI
EPSS
VEX
Summary
Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in server/os/access.c; (3) open_unix_socket, (4) open_isc_local, (5) open_xsight_local, (6) open_att_local, or (7) open_att_svr4_local function in server/os/connection.c; the (8) AUDIOHOST environment variable to the CreateWellKnownSockets or (9) AmoebaTCPConnectorThread function in server/os/connection.c; or (10) unspecified vectors related to logging in the osLogMsg function in server/os/aulog.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2013/08/19/3 | mailing-listx_refsource_MLIST |
| http://radscan.com/pipermail/nas/2013-August/0012… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2013/08/16/2 | mailing-listx_refsource_MLIST |
| http://sourceforge.net/p/nas/code/288 | x_refsource_CONFIRM |
| http://www.debian.org/security/2013/dsa-2771 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/bid/61848 | vdb-entryx_refsource_BID |
| http://www.ubuntu.com/usn/USN-1986-1 | vendor-advisoryx_refsource_UBUNTU |
Date Public
2013-08-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20130819 Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
},
{
"name": "[nas] 20130807 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html"
},
{
"name": "[oss-security] 20130816 CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/nas/code/288"
},
{
"name": "DSA-2771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2771"
},
{
"name": "61848",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61848"
},
{
"name": "USN-1986-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1986-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in server/os/access.c; (3) open_unix_socket, (4) open_isc_local, (5) open_xsight_local, (6) open_att_local, or (7) open_att_svr4_local function in server/os/connection.c; the (8) AUDIOHOST environment variable to the CreateWellKnownSockets or (9) AmoebaTCPConnectorThread function in server/os/connection.c; or (10) unspecified vectors related to logging in the osLogMsg function in server/os/aulog.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20130819 Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
},
{
"name": "[nas] 20130807 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html"
},
{
"name": "[oss-security] 20130816 CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/nas/code/288"
},
{
"name": "DSA-2771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2771"
},
{
"name": "61848",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61848"
},
{
"name": "USN-1986-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1986-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4256",
"datePublished": "2013-10-09T14:44:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:38:01.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1544 (GCVE-0-2007-1544)
Vulnerability from nvd – Published: 2007-03-20 22:00 – Updated: 2024-08-07 12:59
VLAI
EPSS
VEX
Summary
Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
16 references
Date Public
2007-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "nas-procauwriteelement-dos(33051)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33051"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "nas-procauwriteelement-dos(33051)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33051"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1544",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2007:065",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "nas-procauwriteelement-dos(33051)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33051"
},
{
"name": "24980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24638"
},
{
"name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"name": "http://www.radscan.com/nas/HISTORY",
"refsource": "CONFIRM",
"url": "http://www.radscan.com/nas/HISTORY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1544",
"datePublished": "2007-03-20T22:00:00.000Z",
"dateReserved": "2007-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1545 (GCVE-0-2007-1545)
Vulnerability from nvd – Published: 2007-03-20 22:00 – Updated: 2024-08-07 12:59
VLAI
EPSS
VEX
Summary
The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
16 references
Date Public
2007-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-addresource-dos(33050)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33050"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-addresource-dos(33050)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33050"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2007:065",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-addresource-dos(33050)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33050"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24638"
},
{
"name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"name": "http://www.radscan.com/nas/HISTORY",
"refsource": "CONFIRM",
"url": "http://www.radscan.com/nas/HISTORY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1545",
"datePublished": "2007-03-20T22:00:00.000Z",
"dateReserved": "2007-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1546 (GCVE-0-2007-1546)
Vulnerability from nvd – Published: 2007-03-20 22:00 – Updated: 2024-08-07 12:59
VLAI
EPSS
VEX
Summary
Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
17 references
Date Public
2007-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "nas-compileinputs-dos(33055)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33055"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-procausetelements-dos(33054)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33054"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "nas-compileinputs-dos(33055)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33055"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-procausetelements-dos(33054)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33054"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2007:065",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "nas-compileinputs-dos(33055)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33055"
},
{
"name": "1017822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-procausetelements-dos(33054)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33054"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24638"
},
{
"name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"name": "http://www.radscan.com/nas/HISTORY",
"refsource": "CONFIRM",
"url": "http://www.radscan.com/nas/HISTORY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1546",
"datePublished": "2007-03-20T22:00:00.000Z",
"dateReserved": "2007-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1547 (GCVE-0-2007-1547)
Vulnerability from nvd – Published: 2007-03-20 22:00 – Updated: 2024-08-07 12:59
VLAI
EPSS
VEX
Summary
The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
16 references
Date Public
2007-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-readrequestfromclient-dos(33059)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33059"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-readrequestfromclient-dos(33059)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33059"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2007:065",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-readrequestfromclient-dos(33059)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33059"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24638"
},
{
"name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"name": "http://www.radscan.com/nas/HISTORY",
"refsource": "CONFIRM",
"url": "http://www.radscan.com/nas/HISTORY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1547",
"datePublished": "2007-03-20T22:00:00.000Z",
"dateReserved": "2007-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1543 (GCVE-0-2007-1543)
Vulnerability from nvd – Published: 2007-03-20 22:00 – Updated: 2024-08-07 12:59
VLAI
EPSS
VEX
Summary
Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
18 references
Date Public
2007-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "nas-uslsocket-bo(33047)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33047"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "24783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24783"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1155"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "nas-uslsocket-bo(33047)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33047"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "24783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24783"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1155"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2007:065",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "nas-uslsocket-bo(33047)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33047"
},
{
"name": "24601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "24783",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24783"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24638"
},
{
"name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "https://issues.rpath.com/browse/RPL-1155",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1155"
},
{
"name": "DSA-1273",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"name": "http://www.radscan.com/nas/HISTORY",
"refsource": "CONFIRM",
"url": "http://www.radscan.com/nas/HISTORY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1543",
"datePublished": "2007-03-20T22:00:00.000Z",
"dateReserved": "2007-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1371 (GCVE-0-2007-1371)
Vulnerability from nvd – Published: 2007-03-10 00:00 – Updated: 2024-08-07 12:50
VLAI
EPSS
VEX
Summary
Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) allow attackers to have an unknown impact by exceeding the configured number of metaservers; and allow remote attackers to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3) unum or (4) snum, different vulnerabilities than CVE-2003-0933.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/22855 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/24370 | third-party-advisoryx_refsource_SECUNIA |
| http://securityreason.com/securityalert/2399 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/462184/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2007/0854 | vdb-entryx_refsource_VUPEN |
| http://www.radscan.com/conquest/cq-ml/msg00169.html | mailing-listx_refsource_MLIST |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-03-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22855",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22855"
},
{
"name": "24370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24370"
},
{
"name": "2399",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2399"
},
{
"name": "conquest-processpacket-dos(32860)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32860"
},
{
"name": "20070307 Buffer-overflow in Conquest client 8.2a (svn 691)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462184/100/0/threaded"
},
{
"name": "ADV-2007-0854",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0854"
},
{
"name": "[conquest] 20070303 Re: security bugs in conquest",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.radscan.com/conquest/cq-ml/msg00169.html"
},
{
"name": "conquest-metagetserverlist-bo(32849)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32849"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) allow attackers to have an unknown impact by exceeding the configured number of metaservers; and allow remote attackers to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3) unum or (4) snum, different vulnerabilities than CVE-2003-0933."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22855",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22855"
},
{
"name": "24370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24370"
},
{
"name": "2399",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2399"
},
{
"name": "conquest-processpacket-dos(32860)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32860"
},
{
"name": "20070307 Buffer-overflow in Conquest client 8.2a (svn 691)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462184/100/0/threaded"
},
{
"name": "ADV-2007-0854",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0854"
},
{
"name": "[conquest] 20070303 Re: security bugs in conquest",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.radscan.com/conquest/cq-ml/msg00169.html"
},
{
"name": "conquest-metagetserverlist-bo(32849)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32849"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) allow attackers to have an unknown impact by exceeding the configured number of metaservers; and allow remote attackers to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3) unum or (4) snum, different vulnerabilities than CVE-2003-0933."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22855",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22855"
},
{
"name": "24370",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24370"
},
{
"name": "2399",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2399"
},
{
"name": "conquest-processpacket-dos(32860)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32860"
},
{
"name": "20070307 Buffer-overflow in Conquest client 8.2a (svn 691)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462184/100/0/threaded"
},
{
"name": "ADV-2007-0854",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0854"
},
{
"name": "[conquest] 20070303 Re: security bugs in conquest",
"refsource": "MLIST",
"url": "http://www.radscan.com/conquest/cq-ml/msg00169.html"
},
{
"name": "conquest-metagetserverlist-bo(32849)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32849"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1371",
"datePublished": "2007-03-10T00:00:00.000Z",
"dateReserved": "2007-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:50:35.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4256 (GCVE-0-2013-4256)
Vulnerability from cvelistv5 – Published: 2013-10-09 14:44 – Updated: 2024-08-06 16:38
VLAI
EPSS
VEX
Summary
Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in server/os/access.c; (3) open_unix_socket, (4) open_isc_local, (5) open_xsight_local, (6) open_att_local, or (7) open_att_svr4_local function in server/os/connection.c; the (8) AUDIOHOST environment variable to the CreateWellKnownSockets or (9) AmoebaTCPConnectorThread function in server/os/connection.c; or (10) unspecified vectors related to logging in the osLogMsg function in server/os/aulog.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2013/08/19/3 | mailing-listx_refsource_MLIST |
| http://radscan.com/pipermail/nas/2013-August/0012… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2013/08/16/2 | mailing-listx_refsource_MLIST |
| http://sourceforge.net/p/nas/code/288 | x_refsource_CONFIRM |
| http://www.debian.org/security/2013/dsa-2771 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/bid/61848 | vdb-entryx_refsource_BID |
| http://www.ubuntu.com/usn/USN-1986-1 | vendor-advisoryx_refsource_UBUNTU |
Date Public
2013-08-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20130819 Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
},
{
"name": "[nas] 20130807 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html"
},
{
"name": "[oss-security] 20130816 CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/nas/code/288"
},
{
"name": "DSA-2771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2771"
},
{
"name": "61848",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61848"
},
{
"name": "USN-1986-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1986-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in server/os/access.c; (3) open_unix_socket, (4) open_isc_local, (5) open_xsight_local, (6) open_att_local, or (7) open_att_svr4_local function in server/os/connection.c; the (8) AUDIOHOST environment variable to the CreateWellKnownSockets or (9) AmoebaTCPConnectorThread function in server/os/connection.c; or (10) unspecified vectors related to logging in the osLogMsg function in server/os/aulog.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20130819 Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
},
{
"name": "[nas] 20130807 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html"
},
{
"name": "[oss-security] 20130816 CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/nas/code/288"
},
{
"name": "DSA-2771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2771"
},
{
"name": "61848",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61848"
},
{
"name": "USN-1986-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1986-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4256",
"datePublished": "2013-10-09T14:44:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:38:01.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4258 (GCVE-0-2013-4258)
Vulnerability from cvelistv5 – Published: 2013-10-09 14:44 – Updated: 2024-08-06 16:38
VLAI
EPSS
VEX
Summary
Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/61852 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2013/08/19/3 | mailing-listx_refsource_MLIST |
| http://radscan.com/pipermail/nas/2013-August/0012… | mailing-listx_refsource_MLIST |
| http://radscan.com/pipermail/nas/2013-August/0012… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2013/08/16/2 | mailing-listx_refsource_MLIST |
| http://www.debian.org/security/2013/dsa-2771 | vendor-advisoryx_refsource_DEBIAN |
| http://sourceforge.net/mailarchive/forum.php?thre… | mailing-listx_refsource_MLIST |
Date Public
2012-01-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61852",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61852"
},
{
"name": "[oss-security] 20130819 Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
},
{
"name": "[nas] 20130807 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html"
},
{
"name": "[nas] 20130808 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001277.html"
},
{
"name": "[oss-security] 20130816 CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
},
{
"name": "DSA-2771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2771"
},
{
"name": "[nas-commits] 20120122 SF.net SVN: nas:[285] trunk/server/os/aulog.c",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=E1Rp1rP-00038Z-VJ%40sfp-svn-6.v30.ch3.sourceforge.com\u0026forum_name=nas-commits"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "61852",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61852"
},
{
"name": "[oss-security] 20130819 Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
},
{
"name": "[nas] 20130807 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html"
},
{
"name": "[nas] 20130808 nas: Multiple Vulnerabilities in nas 1.9.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://radscan.com/pipermail/nas/2013-August/001277.html"
},
{
"name": "[oss-security] 20130816 CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
},
{
"name": "DSA-2771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2771"
},
{
"name": "[nas-commits] 20120122 SF.net SVN: nas:[285] trunk/server/os/aulog.c",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=E1Rp1rP-00038Z-VJ%40sfp-svn-6.v30.ch3.sourceforge.com\u0026forum_name=nas-commits"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4258",
"datePublished": "2013-10-09T14:44:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:38:01.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1544 (GCVE-0-2007-1544)
Vulnerability from cvelistv5 – Published: 2007-03-20 22:00 – Updated: 2024-08-07 12:59
VLAI
EPSS
VEX
Summary
Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
16 references
Date Public
2007-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "nas-procauwriteelement-dos(33051)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33051"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "nas-procauwriteelement-dos(33051)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33051"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1544",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2007:065",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "nas-procauwriteelement-dos(33051)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33051"
},
{
"name": "24980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24638"
},
{
"name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"name": "http://www.radscan.com/nas/HISTORY",
"refsource": "CONFIRM",
"url": "http://www.radscan.com/nas/HISTORY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1544",
"datePublished": "2007-03-20T22:00:00.000Z",
"dateReserved": "2007-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1545 (GCVE-0-2007-1545)
Vulnerability from cvelistv5 – Published: 2007-03-20 22:00 – Updated: 2024-08-07 12:59
VLAI
EPSS
VEX
Summary
The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
16 references
Date Public
2007-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-addresource-dos(33050)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33050"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-addresource-dos(33050)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33050"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2007:065",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-addresource-dos(33050)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33050"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24638"
},
{
"name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"name": "http://www.radscan.com/nas/HISTORY",
"refsource": "CONFIRM",
"url": "http://www.radscan.com/nas/HISTORY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1545",
"datePublished": "2007-03-20T22:00:00.000Z",
"dateReserved": "2007-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1546 (GCVE-0-2007-1546)
Vulnerability from cvelistv5 – Published: 2007-03-20 22:00 – Updated: 2024-08-07 12:59
VLAI
EPSS
VEX
Summary
Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
17 references
Date Public
2007-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "nas-compileinputs-dos(33055)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33055"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-procausetelements-dos(33054)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33054"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "nas-compileinputs-dos(33055)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33055"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-procausetelements-dos(33054)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33054"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2007:065",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "nas-compileinputs-dos(33055)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33055"
},
{
"name": "1017822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-procausetelements-dos(33054)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33054"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24638"
},
{
"name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"name": "http://www.radscan.com/nas/HISTORY",
"refsource": "CONFIRM",
"url": "http://www.radscan.com/nas/HISTORY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1546",
"datePublished": "2007-03-20T22:00:00.000Z",
"dateReserved": "2007-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1547 (GCVE-0-2007-1547)
Vulnerability from cvelistv5 – Published: 2007-03-20 22:00 – Updated: 2024-08-07 12:59
VLAI
EPSS
VEX
Summary
The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
16 references
Date Public
2007-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-readrequestfromclient-dos(33059)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33059"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-readrequestfromclient-dos(33059)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33059"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2007:065",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "24601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "nas-readrequestfromclient-dos(33059)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33059"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24638"
},
{
"name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "DSA-1273",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"name": "http://www.radscan.com/nas/HISTORY",
"refsource": "CONFIRM",
"url": "http://www.radscan.com/nas/HISTORY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1547",
"datePublished": "2007-03-20T22:00:00.000Z",
"dateReserved": "2007-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1543 (GCVE-0-2007-1543)
Vulnerability from cvelistv5 – Published: 2007-03-20 22:00 – Updated: 2024-08-07 12:59
VLAI
EPSS
VEX
Summary
Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
18 references
Date Public
2007-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "nas-uslsocket-bo(33047)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33047"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "24783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24783"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1155"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2007:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "nas-uslsocket-bo(33047)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33047"
},
{
"name": "24601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "24783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24783"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24638"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1155"
},
{
"name": "DSA-1273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.radscan.com/nas/HISTORY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2007:065",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065"
},
{
"name": "1017822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017822"
},
{
"name": "24980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24980"
},
{
"name": "24527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24527"
},
{
"name": "23017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23017"
},
{
"name": "nas-uslsocket-bo(33047)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33047"
},
{
"name": "24601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24601"
},
{
"name": "USN-446-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-446-1"
},
{
"name": "24628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24628"
},
{
"name": "GLSA-200704-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-20.xml"
},
{
"name": "ADV-2007-0997",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0997"
},
{
"name": "24783",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24783"
},
{
"name": "20070403 FLEA-2007-0007-1: nas",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded"
},
{
"name": "24638",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24638"
},
{
"name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt"
},
{
"name": "https://issues.rpath.com/browse/RPL-1155",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1155"
},
{
"name": "DSA-1273",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1273"
},
{
"name": "http://www.radscan.com/nas/HISTORY",
"refsource": "CONFIRM",
"url": "http://www.radscan.com/nas/HISTORY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1543",
"datePublished": "2007-03-20T22:00:00.000Z",
"dateReserved": "2007-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1371 (GCVE-0-2007-1371)
Vulnerability from cvelistv5 – Published: 2007-03-10 00:00 – Updated: 2024-08-07 12:50
VLAI
EPSS
VEX
Summary
Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) allow attackers to have an unknown impact by exceeding the configured number of metaservers; and allow remote attackers to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3) unum or (4) snum, different vulnerabilities than CVE-2003-0933.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/22855 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/24370 | third-party-advisoryx_refsource_SECUNIA |
| http://securityreason.com/securityalert/2399 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/462184/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2007/0854 | vdb-entryx_refsource_VUPEN |
| http://www.radscan.com/conquest/cq-ml/msg00169.html | mailing-listx_refsource_MLIST |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-03-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22855",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22855"
},
{
"name": "24370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24370"
},
{
"name": "2399",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2399"
},
{
"name": "conquest-processpacket-dos(32860)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32860"
},
{
"name": "20070307 Buffer-overflow in Conquest client 8.2a (svn 691)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462184/100/0/threaded"
},
{
"name": "ADV-2007-0854",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0854"
},
{
"name": "[conquest] 20070303 Re: security bugs in conquest",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.radscan.com/conquest/cq-ml/msg00169.html"
},
{
"name": "conquest-metagetserverlist-bo(32849)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32849"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) allow attackers to have an unknown impact by exceeding the configured number of metaservers; and allow remote attackers to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3) unum or (4) snum, different vulnerabilities than CVE-2003-0933."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22855",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22855"
},
{
"name": "24370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24370"
},
{
"name": "2399",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2399"
},
{
"name": "conquest-processpacket-dos(32860)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32860"
},
{
"name": "20070307 Buffer-overflow in Conquest client 8.2a (svn 691)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462184/100/0/threaded"
},
{
"name": "ADV-2007-0854",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0854"
},
{
"name": "[conquest] 20070303 Re: security bugs in conquest",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.radscan.com/conquest/cq-ml/msg00169.html"
},
{
"name": "conquest-metagetserverlist-bo(32849)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32849"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) allow attackers to have an unknown impact by exceeding the configured number of metaservers; and allow remote attackers to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3) unum or (4) snum, different vulnerabilities than CVE-2003-0933."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22855",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22855"
},
{
"name": "24370",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24370"
},
{
"name": "2399",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2399"
},
{
"name": "conquest-processpacket-dos(32860)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32860"
},
{
"name": "20070307 Buffer-overflow in Conquest client 8.2a (svn 691)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462184/100/0/threaded"
},
{
"name": "ADV-2007-0854",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0854"
},
{
"name": "[conquest] 20070303 Re: security bugs in conquest",
"refsource": "MLIST",
"url": "http://www.radscan.com/conquest/cq-ml/msg00169.html"
},
{
"name": "conquest-metagetserverlist-bo(32849)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32849"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1371",
"datePublished": "2007-03-10T00:00:00.000Z",
"dateReserved": "2007-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:50:35.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}