Executive Summary
Summary | |
---|---|
Title | New mt-daapd package fix regression |
Informations | |||
---|---|---|---|
Name | DSA-1597 | First vendor Publication | 2008-06-12 |
Vendor | Debian | Last vendor Modification | 2008-08-30 |
Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
In DSA-1597-1, an update was announced for multiple vulnerabilities in the mt-daapd audio server. One of the fixes introduced a regression preventing successful authentication to the administration interface. An updated release is available which corrects this problem. For reference, the original advisory text follows. Three vulnerabilities have been discovered in the mt-daapd DAAP audio server (also known as the Firefly Media Server). The Common Vulnerabilities and Exposures project identifies the following three problems: CVE-2007-5824 Insufficient validation and bounds checking of the Authorization: HTTP header enables a heap buffer overflow, potentially enabling the execution of arbitrary code. CVE-2007-5825 Format string vulnerabilities in debug logging within the authentication of XML-RPC requests could enable the execution of arbitrary code. CVE-2008-1771 An integer overflow weakness in the handling of HTTP POST variables could allow a heap buffer overflow and potentially arbitrary code execution. For the stable distribution (etch), these problems have been fixed in version 0.2.4+r1376-1.1+etch2. We recommend that you upgrade your mt-daapd package. |
Original Source
Url : http://www.debian.org/security/2008/dsa-1597 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
33 % | CWE-134 | Uncontrolled Format String (CWE/SANS Top 25) |
33 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20294 | |||
Oval ID: | oval:org.mitre.oval:def:20294 | ||
Title: | DSA-1597-1 mt-daapd - several vulnerabilities | ||
Description: | Three vulnerabilities have been discovered in the mt-daapd DAAP audio server (also known as the Firefly Media Server). | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1597-1 CVE-2007-5824 CVE-2007-5825 CVE-2008-1771 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | mt-daapd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8291 | |||
Oval ID: | oval:org.mitre.oval:def:8291 | ||
Title: | DSA-1597 mt-daapd -- multiple vulnerabilities | ||
Description: | Three vulnerabilities have been discovered in the mt-daapd DAAP audio server (also known as the Firefly Media Server). The Common Vulnerabilities and Exposures project identifies the following three problems: Insufficient validation and bounds checking of the Authorization: HTTP header enables a heap buffer overflow, potentially enabling the execution of arbitrary code. Format string vulnerabilities in debug logging within the authentication of XML-RPC requests could enable the execution of arbitrary code. An integer overflow weakness in the handling of HTTP POST variables could allow a heap buffer overflow and potentially arbitrary code execution. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1597 CVE-2007-5824 CVE-2007-5825 CVE-2008-1771 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | mt-daapd |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2009-02-17 | Name : Fedora Update for mt-daapd FEDORA-2008-3250 File : nvt/gb_fedora_2008_3250_mt-daapd_fc8.nasl |
2009-02-17 | Name : Fedora Update for mt-daapd FEDORA-2008-4126 File : nvt/gb_fedora_2008_4126_mt-daapd_fc9.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200712-18 (mt-daapd) File : nvt/glsa_200712_18.nasl |
2008-09-04 | Name : FreeBSD Ports: mt-daapd File : nvt/freebsd_mt-daapd.nasl |
2008-09-04 | Name : FreeBSD Ports: mt-daapd File : nvt/freebsd_mt-daapd0.nasl |
2008-06-28 | Name : Debian Security Advisory DSA 1597-1 (mt-daapd) File : nvt/deb_1597_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
45286 | Firefly Media Server webserver.c ws_addarg Function /xml-rpc Authorization He... |
44448 | Firefly Media Server ws_getpostvars Function Content-Length Header HTTP Reque... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-06-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1597.nasl - Type : ACT_GATHER_INFO |
2008-05-20 | Name : The remote Fedora host is missing a security update. File : fedora_2008-4126.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_86a4d810188411dda9140016179b2dd5.nasl - Type : ACT_GATHER_INFO |
2008-04-25 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3250.nasl - Type : ACT_GATHER_INFO |
2008-04-23 | Name : The remote web server is affected by an integer overflow vulnerability. File : firefly_content_overflow.nasl - Type : ACT_ATTACK |
2007-12-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200712-18.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a7080c3091a211dcb2eb00b0d07e6c7e.nasl - Type : ACT_GATHER_INFO |
2007-11-03 | Name : The remote web server is affected by a format string vulnerability. File : firefly_format_string.nasl - Type : ACT_MIXED_ATTACK |
Alert History
Date | Informations |
---|---|
2014-02-17 11:27:43 |
|