Security: mt-daapd DAAP audio server
Three vulnerabilities have been discovered in the mt-daapd DAAP audio server (also known as the Firefly Media Server). The Common Vulnerabilities and Exposures project identifies the following three problems:
Insufficient validation and bounds checking of the Authorization: HTTP header enables a heap buffer overflow, potentially enabling the execution of arbitrary code.
Format string vulnerabilities in debug logging within the authentication of XML-RPC requests could enable the execution of arbitrary code.
An integer overflow weakness in the handling of HTTP POST variables could allow a heap buffer overflow and potentially arbitrary code execution.
How do I patch my system?
Simply type the following command:
# apt-get update
# apt-get upgrade
E-mail this to a Friend
Printable Version
You may also be interested in other helpful articles:
- Amarok audio player for Linux / UNIX Tips and Howto
- Download of the day: Rosegarden - an audio and MIDI sequencer for Linux
- Download VLC Media Player 0.9.2 For Windows, Linux and Mac OS X
- How Do I Burn MP3 onto an audio CD from Linux shell command prompt?
- Linux Listen Internet Shoutcast and Icecast Radio With BMPx Media Player
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: arbitrary code execution, authentication, buffer overflow, CVE-2007-5824, CVE-2007-5825, CVE-2008-1771, heap, integer overflow, vulnerabilities
Recent Comments
Yesterday ~ 12 Comments
Yesterday ~ 8 Comments
Yesterday ~ 185 Comments
Yesterday ~ 15 Comments
Yesterday ~ 3 Comments