nas - several vulnerabilities

Several vulnerabilities have been discovered in nas, the Network Audio
System.

• CVE-2007-1543
  A stack-based buffer overflow in the accept_att_local function in
  server/os/connection.c in nas allows remote attackers to execute
  arbitrary code via a long path slave name in a USL socket connection.
• CVE-2007-1544
  An integer overflow in the ProcAuWriteElement function in
  server/dia/audispatch.c allows remote attackers to cause a denial of
  service (crash) and possibly execute arbitrary code via a large
  max_samples value.
• CVE-2007-1545
  The AddResource function in server/dia/resource.c allows remote
  attackers to cause a denial of service (server crash) via a
  nonexistent client ID.
• CVE-2007-1546
  An array index error allows remote attackers to cause a denial of service
  (crash) via (1) large num_action values in the ProcAuSetElements
  function in server/dia/audispatch.c or (2) a large inputNum parameter
  to the compileInputs function in server/dia/auutil.c.
• CVE-2007-1547
  The ReadRequestFromClient function in server/os/io.c allows remote
  attackers to cause a denial of service (crash) via multiple
  simultaneous connections, which triggers a NULL pointer dereference.

For the stable distribution (sarge), these problems have been fixed in
version 1.7-2sarge1.

For the upcoming stable distribution (etch) and the unstable
distribution (sid) these problems have been fixed in version 1.8-4.

We recommend that you upgrade your nas package.