Network Audio System Security Vulnerabilities and Issues — Network Audio System CVE List

RadscanNetwork Audio System

7 matches found

CVE•added 2013/10/09 2:44 p.m.•70 views

CVE-2013-4258

CVE-2013-4258 affects Network Audio System (NAS) 1.9.3. A format string vulnerability in the osLogMsg function (server/os/aulog.c) can allow remote attackers to crash NAS or possibly execute arbitrary code via format specifiers related to syslog. Public advisories note multiple vulnerabilities in...

7.5CVSS7.6AI score0.0408EPSS

CVE•added 2013/10/09 2:44 p.m.•68 views

CVE-2013-4256

CVE-2013-4256 describes multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 that could allow a local attacker to crash the process or potentially execute arbitrary code via several NAS server modules (e.g., ProcessCommandLine, ResetHosts, various open/unix soc...

4.6CVSS7.7AI score0.00702EPSS

CVE•added 2007/03/20 10:0 p.m.•67 views

CVE-2007-1544

CVE-2007-1544 affects the Network Audio System (nas) server. A stack/integer overflow in ProcAuWriteElement (server/dia/audispatch.c) in NAS versions before 1.8a SVN 237 enables a remote attacker to crash the service and potentially execute arbitrary code via a large max_samples value. This is on...

5CVSS7.6AI score0.04637EPSS

CVE•added 2007/03/20 10:0 p.m.•64 views

CVE-2007-1543

The CVE-2007-1543 issue affects Network Audio System (NAS) prior to 1.8a SVN 237. A stack-based buffer overflow in accept_att_local (server/os/connection.c) can be triggered by a long path slave name over a USL socket, enabling remote code execution. Other CVEs (CVE-2007-1544 to CVE-2007-1547) ac...

10CVSS7.7AI score0.08015EPSS

CVE•added 2007/03/20 10:0 p.m.•60 views

CVE-2007-1545

CVE-2007-1545 is a vulnerability in Network Audio System (NAS) prior to NAS 1.8a SVN 237 where the AddResource function can crash the server via a nonexistent client ID, enabling a remote denial of service. The connected Debian advisory (DSA-1273-1) enumerates five NAS flaws (CVE-2007-1543 to CVE...

5CVSS6.1AI score0.02428EPSS

CVE•added 2007/03/20 10:0 p.m.•55 views

CVE-2007-1546

CVE-2007-1546 affects the Network Audio System (NAS) prior to 1.8a SVN 237. The vulnerability is an array index error in NAS code paths: ProcAuSetElements (server/dia/audispatch.c) and compileInputs (server/dia/auutil.c). A remote attacker can trigger a denial of service (crash) by sending large ...

5CVSS6.3AI score0.02428EPSS

CVE•added 2007/03/20 10:0 p.m.•55 views

CVE-2007-1547

Vulnerability (CVE-2007-1547) affects the Network Audio System (NAS). The issue is in the ReadRequestFromClient function (server/os/io.c) where handling multiple simultaneous connections can trigger a NULL pointer dereference, allowing a remote attacker to cause a crash (DoS). Affected software i...

7.8CVSS6.2AI score0.03789EPSS