Debian Security Advisory 1597-2 - In DSA-1597-1, an update was announced for multiple vulnerabilities in the mt-daapd audio server. One of the fixes introduced a regression preventing successful authentication to the administration interface. An updated release is available which corrects this problem.
6960b8e8a30837f817320f9e668706f36e5b47abc98e3e724650ef7595f4a83bDebian Security Advisory 1597-1 - Three vulnerabilities have been discovered in the mt-daapd DAAP audio server (also known as the Firefly Media Server). Insufficient validation and bounds checking of the Authorization: HTTP header enables a heap buffer overflow, potentially enabling the execution of arbitrary code. Format string vulnerabilities in debug logging within the authentication of XML-RPC requests could enable the execution of arbitrary code. An integer overflow weakness in the handling of HTTP POST variables could allow a heap buffer overflow and potentially arbitrary code execution.
598c2c3624c2168c61fa8dc631687dc79f5ab814823990471e931f59116fa2f1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed