CVE-2007-1547
published 2007-03-20CVE-2007-1547: The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service…
PriorityP430high7.8CVSS 2.0
AVNACLAuNCNINAC
EPSS
3.79%
88.6th percentile
The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nas | < nas 1.8-4 (bookworm) | nas 1.8-4 (bookworm) |
| radscan | network_audio_system | — | — |
| starwindsoftware | nas | >= 0 < 1.8-4 | 1.8-4 |
| starwindsoftware | nas | >= 0 < 1.8-4 | 1.8-4 |
| starwindsoftware | nas | >= 0 < 1.8-4 | 1.8-4 |
| starwindsoftware | nas | >= 0 < 1.8-4 | 1.8-4 |
CVSS provenance
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
osv7.8HIGH
vendor_debian7.8LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
NAS vulnerabilities
vendor_ubuntu·2007-03-28
CVE-2007-1547 NAS vulnerabilities
Title: NAS vulnerabilities
Summary: NAS vulnerabilities
Luigi Auriemma discovered multiple flaws in the Network Audio System
server. Remote attackers could send specially crafted network requests
that could lead to a denial of service or execution of arbitrary code.
Note that default Ubuntu installs do not include the NAS server.
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Debian
CVE-2007-1547: nas - The ReadRequestFromClient function in server/os/io.c in Network Audio System (NA...
vendor_debian·2007·CVSS 7.8
CVE-2007-1547 [HIGH] CVE-2007-1547: nas - The ReadRequestFromClient function in server/os/io.c in Network Audio System (NA...
The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.
Scope: local
bookworm: resolved (fixed in 1.8-4)
bullseye: resolved (fixed in 1.8-4)
forky: resolved (fixed in 1.8-4)
sid: resolved (fixed in 1.8-4)
trixie: resolved (fixed in 1.8-4)
GHSA
GHSA-9wxh-fmqh-vwx6: The ReadRequestFromClient function in server/os/io
ghsa_unreviewed·2022-05-01
CVE-2007-1547 [HIGH] GHSA-9wxh-fmqh-vwx6: The ReadRequestFromClient function in server/os/io
The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.
OSV
CVE-2007-1547: The ReadRequestFromClient function in server/os/io
osv·2007-03-20·CVSS 7.8
CVE-2007-1547 [HIGH] CVE-2007-1547: The ReadRequestFromClient function in server/os/io
The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.
No detection rules found.
No public exploits indexed.
http://aluigi.altervista.org/adv/nasbugs-adv.txthttp://secunia.com/advisories/24527http://secunia.com/advisories/24601http://secunia.com/advisories/24628http://secunia.com/advisories/24638http://secunia.com/advisories/24980http://security.gentoo.org/glsa/glsa-200704-20.xmlhttp://www.debian.org/security/2007/dsa-1273http://www.mandriva.com/security/advisories?name=MDKSA-2007:065http://www.radscan.com/nas/HISTORYhttp://www.securityfocus.com/archive/1/464606/30/7230/threadedhttp://www.securityfocus.com/bid/23017http://www.securitytracker.com/id?1017822http://www.ubuntu.com/usn/usn-446-1http://www.vupen.com/english/advisories/2007/0997https://exchange.xforce.ibmcloud.com/vulnerabilities/33059http://aluigi.altervista.org/adv/nasbugs-adv.txthttp://secunia.com/advisories/24527http://secunia.com/advisories/24601http://secunia.com/advisories/24628http://secunia.com/advisories/24638http://secunia.com/advisories/24980http://security.gentoo.org/glsa/glsa-200704-20.xmlhttp://www.debian.org/security/2007/dsa-1273http://www.mandriva.com/security/advisories?name=MDKSA-2007:065http://www.radscan.com/nas/HISTORYhttp://www.securityfocus.com/archive/1/464606/30/7230/threadedhttp://www.securityfocus.com/bid/23017http://www.securitytracker.com/id?1017822http://www.ubuntu.com/usn/usn-446-1http://www.vupen.com/english/advisories/2007/0997https://exchange.xforce.ibmcloud.com/vulnerabilities/33059
2007-03-20
Published