Security: mt-daapd DAAP audio server

by on April 13, 2008 · 0 comments· LAST UPDATED June 13, 2008

in , ,

Three vulnerabilities have been discovered in the mt-daapd DAAP audio server (also known as the Firefly Media Server). The Common Vulnerabilities and Exposures project identifies the following three problems:

Insufficient validation and bounds checking of the Authorization: HTTP header enables a heap buffer overflow, potentially enabling the execution of arbitrary code.

Format string vulnerabilities in debug logging within the authentication of XML-RPC requests could enable the execution of arbitrary code.

An integer overflow weakness in the handling of HTTP POST variables could allow a heap buffer overflow and potentially arbitrary code execution.

How do I patch my system?

Simply type the following command:
# apt-get update
# apt-get upgrade

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 0 comments… add one now }

Leave a Comment

Tagged as: , , , , , , , ,

Previous post:

Next post: