CVE-2007-1547

Name of the Vulnerable Software and Affected Versions nas versions prior to 1.8b

Description The issue concerns multiple vulnerabilities in the nas package, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. The ReadRequestFromClient function in server/os/io.c is specifically vulnerable to remote attackers, who can cause a denial of service (crash) via multiple simultaneous connections, triggering a NULL pointer dereference.

Recommendations For nas versions prior to 1.8b, update to version 1.8b or later to resolve the issue. As a temporary workaround, consider restricting access to the ReadRequestFromClient function in server/os/io.c to minimize the risk of exploitation.