CVE-2007-5825

Name of the Vulnerable Software and Affected Versions Firefly Media Server versions 0.2.4 and earlier

Description The issue allows remote attackers to execute arbitrary code via a stats method action to "/xml-rpc" with format string specifiers in the username or password portion of base64-encoded data on the "Authorization: Basic" HTTP header line. This is due to a format string vulnerability in the ws addarg function in webserver.c in mt-dappd.

Recommendations For Firefly Media Server versions 0.2.4 and earlier, as a temporary workaround, consider restricting access to the "/xml-rpc" API endpoint until a patch is available. Avoid using format string specifiers in the username or password portion of base64-encoded data on the "Authorization: Basic" HTTP header line. At the moment, there is no information about a newer version that contains a fix for this vulnerability.