[UPH-07-01] Firefly Media Server DoS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 UPH-07-01 UnprotectedHex.com security advisory 07-01 Discovered by nnp Discovered : 1 August 2007 Reported to the vendor : 13 October 2007 Fixed by vendor : 21 October 2007 Vulnerability class : Remote DoS Affected product : mt-dappd/Firefly Media...

Format string

Format string vulnerability in the wsaddarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the 1 username or 2 password portion of base64-encoded...

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

Authorization

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

CVE-2007-5825

CVE-2007-5825 is a format-string vulnerability in the mt-daapd Firefly Media Server (ws_addarg in webserver.c) that can be triggered via the Authorization: Basic header (base64 username/password) in XML-RPC requests, allowing remote code execution. The issue affects Firefly MT‑DAAPD up to version...

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

Firefly Media Server <= 0.2.4 Remote Denial of Service Exploit

No description provided by source. !C:\python25\python25.exe """ Advisory : UPH-07-02 mt-dappd/Firefly media server remote DoS Discovered by nnp http://www.unprotectedhex.com """ import sys import socket import time if lensys.argv != 3: sys.exit-1...

uph0701.py.txt

!C:\python25\python25.exe """ Advisory : UPH-07-01 mt-dappd/Firefly media server remote DoS Discovered by nnp http://www.unprotectedhex.com """ import sys import socket import time if lensys.argv != 3: sys.exit-1 killmsg = """GET /xml-rpc?method=stats HTTP/1.1\r\n INVALIDLINE\r\n\r\n""" host =...