CVE-2007-1543

Name of the Vulnerable Software and Affected Versions Network Audio System (NAS) versions prior to 1.8b Debian GNU/Linux package nas-bin (affected versions not specified) Debian GNU/Linux package libaudio2 (affected versions not specified) Debian GNU/Linux package nas-doc (affected versions not specified) Debian GNU/Linux package libaudio-dev (affected versions not specified)

Description The issue concerns multiple vulnerabilities in the Network Audio System (NAS) and related packages in Debian GNU/Linux, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. A specific vulnerability is a stack-based buffer overflow in the accept att local function, allowing remote attackers to execute arbitrary code via a long path slave name in a USL socket connection.

Recommendations For Network Audio System (NAS) versions prior to 1.8b, update to version 1.8b or later. For Debian GNU/Linux packages nas-bin, libaudio2, nas-doc, and libaudio-dev, at the moment, there is no information about a newer version that contains a fix for this vulnerability.