Launchpad.net

CVE 2007-1546

Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c.

Related bugs and status

CVE-2007-1546 (Candidate) is related to these bugs:

Bug #96723: [Sync request] Sync nas (1.8-4) from Debian unstable (main)

		In	Importance	Status
96723	[Sync request] Sync nas (1.8-4) from Debian unstable (main)	nas (Ubuntu)	Low	Fix Released
96723	[Sync request] Sync nas (1.8-4) from Debian unstable (main)	nas (Ubuntu Breezy)	Low	Fix Released
96723	[Sync request] Sync nas (1.8-4) from Debian unstable (main)	nas (Ubuntu Dapper)	Low	Fix Released
96723	[Sync request] Sync nas (1.8-4) from Debian unstable (main)	nas (Ubuntu Edgy)	Low	Fix Released
96723	[Sync request] Sync nas (1.8-4) from Debian unstable (main)	nas (Ubuntu Feisty)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://aluigi.altervis...
BID: 23017
SECUNIA: 24527
DEBIAN: DSA-1273
MANDRIVA: MDKSA-2007:065
UBUNTU: USN-446-1
SECUNIA: 24601
SECUNIA: 24628
SECUNIA: 24638
CONFIRM: http://www.radscan.com...
SECTRACK: 1017822
GENTOO: GLSA-200704-20
SECUNIA: 24980
VUPEN: ADV-2007-0997
XF: nas-procausetelements-...
XF: nas-compileinputs-dos(...
BUGTRAQ: 20070403 FLEA-2007-000...