PT-2013-1052 · Network Audio System+2
Hamid Zamani · Published 2013-10-09 · Updated 2016-12-31
CVE-2013-4258
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Network Audio System (NAS) versions prior to 1.9.4
Gentoo Linux (affected versions not specified)
Debian GNU/Linux (affected versions not specified)
Description
The issue concerns multiple vulnerabilities in the NAS package of Gentoo Linux and Debian GNU/Linux operating systems. These vulnerabilities can be exploited remotely, potentially leading to breaches of confidentiality, integrity, and availability of protected information. A specific format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog.
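The bug class named above, shown as an added example that is not NAS source code and not part of the original advisory. It assumes the common pattern in which a logging wrapper expands its message into a buffer and then hands that buffer to a syslog-style call; the fix is to pass the buffer as data for "%s" rather than as the format argument. The names log_msg, sink and live_directives are hypothetical, sink stands in for syslog(3) so the output can be inspected, and the client string is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

static char last_line[256];   /* what the sink finally emitted */
static int reparsed;          /* directives an unsafe call would have acted on */

/* Stand-in for syslog(3): same (priority, format, ...) shape, output captured. */
__attribute__((format(printf, 2, 3)))
static void sink(int priority, const char *fmt, ...)
{
    va_list ap;
    (void)priority;
    va_start(ap, fmt);
    vsnprintf(last_line, sizeof last_line, fmt, ap);
    va_end(ap);
}

/* Conversions a printf-style function would act on if s were its format ("%%" is literal). */
static int live_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        n++;
    }
    return n;
}

/* Hypothetical wrapper: expand the caller's format once, then log the result. */
__attribute__((format(printf, 1, 2)))
static const char *log_msg(const char *fmt, ...)
{
    char buf[256];
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(buf, sizeof buf, fmt, ap);
    va_end(ap);
    /* UNSAFE (not executed): sink(6, buf);  -- buf would be parsed a second time */
    reparsed = live_directives(buf);
    sink(6 /* LOG_INFO */, "%s", buf);      /* SAFE: buf is data only */
    return last_line;
}

int main(void)
{
    puts(log_msg("client name: %s", "%x.%x.%n"));   /* constructed client string */
    printf("directives an unsafe call would interpret: %d\n", reparsed);
}
```

Building with GCC or Clang and `-Wformat -Wformat-security` flags a call such as `sink(6, buf)` at compile time, and the `format` attribute extends the same checking to callers of the wrapper.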
Recommendations
For Network Audio System (NAS) versions prior to 1.9.4, update to version 1.9.4 or later to resolve the issue.
For Gentoo Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For Debian GNU/Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Use of Externally-Controlled Format String
Related Identifiers
Affected Products
Debian
Gentoo Linux
Network Audio System