Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4256 | 2 Canonical, Radscan | 2 Ubuntu Linux, Network Audio System | 2024-02-04 | 4.6 MEDIUM | N/A |
| Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in server/os/access.c; (3) open_unix_socket, (4) open_isc_local, (5) open_xsight_local, (6) open_att_local, or (7) open_att_svr4_local function in server/os/connection.c; the (8) AUDIOHOST environment variable to the CreateWellKnownSockets or (9) AmoebaTCPConnectorThread function in server/os/connection.c; or (10) unspecified vectors related to logging in the osLogMsg function in server/os/aulog.c. | |||||
| CVE-2013-4258 | 1 Radscan | 1 Network Audio System | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog. | |||||
| CVE-2007-1547 | 2 Mandrakesoft, Radscan | 2 Mandrake Linux, Network Audio System | 2024-02-04 | 7.8 HIGH | N/A |
| The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference. | |||||
| CVE-2007-1546 | 2 Mandrakesoft, Radscan | 2 Mandrake Linux, Network Audio System | 2024-02-04 | 5.0 MEDIUM | N/A |
| Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c. | |||||
| CVE-2007-1544 | 2 Mandrakesoft, Radscan | 2 Mandrake Linux, Network Audio System | 2024-02-04 | 5.0 MEDIUM | N/A |
| Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value. | |||||
| CVE-2007-1545 | 2 Mandrakesoft, Radscan | 2 Mandrake Linux, Network Audio System | 2024-02-04 | 5.0 MEDIUM | N/A |
| The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID. | |||||
| CVE-2007-1543 | 2 Mandrakesoft, Radscan | 2 Mandrake Linux, Network Audio System | 2024-02-04 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection. | |||||