From ${URL} : recently i reported some vulnerabilities in Network Audio System (NAS) - v1.9.3 These vulnerabilities reported at : http://radscan.com/pipermail/nas/2013-August/001270.html and 3 fix on upstream : https://sourceforge.net/p/nas/code/288/ https://sourceforge.net/p/nas/code/287/tree//trunk/server/os/utils.c?diff=517ad7dc2718467b12eafbad:286 https://sourceforge.net/p/nas/code/289/tree//trunk/server/os/connection.c?diff=517ad7dc2718467b12eafbad:288 @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
CVE-2013-4257 was rejected and merged into CVE-2013-4256
CVE-2013-4258 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4258): Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog. CVE-2013-4256 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4256): Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in server/os/access.c; (3) open_unix_socket, (4) open_isc_local, (5) open_xsight_local, (6) open_att_local, or (7) open_att_svr4_local function in server/os/connection.c; the (8) AUDIOHOST environment variable to the CreateWellKnownSockets or (9) AmoebaTCPConnectorThread function in server/os/connection.c; or (10) unspecified vectors related to logging in the osLogMsg function in server/os/aulog.c.
(In reply to Agostino Sarubbo from comment #0) > https://sourceforge.net/p/nas/code/288/ > https://sourceforge.net/p/nas/code/287/tree//trunk/server/os/utils. > c?diff=517ad7dc2718467b12eafbad:286 > https://sourceforge.net/p/nas/code/289/tree//trunk/server/os/connection. > c?diff=517ad7dc2718467b12eafbad:288 I get 404 from those links.
*** Bug 501498 has been marked as a duplicate of this bug. ***
I see now that these are fixed in upstream release of 1.9.4 which is now in Portage. Please test and stabilize: =media-libs/nas-1.9.4 Also required for bug 495798.
Stable for HPPA.
amd64 stable
x86 stable
ppc64 stable
ppc stable
arm stable
alpha stable
ia64 stable
sparc stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
(In reply to Agostino Sarubbo from comment #14) > sparc stable. > > Maintainer(s), please cleanup. > Security, please add it to the existing request, or file a new one. cleanup done
Arches and Maintainer(s), Thank you for your work. New GLSA Request filed.
This issue was resolved and addressed in GLSA 201406-22 at http://security.gentoo.org/glsa/glsa-201406-22.xml by GLSA coordinator Mikle Kolyada (Zlogene).
