CVE-2007-1543 (High) :
Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network
Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a
long path slave name in a USL socket connection.
CVE-2007-1544 (Medium) :
Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio
System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash)
and possibly execute arbitrary code via a large max_samples value.
CVE-2007-1545 (Medium) :
The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a
SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent
client ID.
CVE-2007-1546 (Medium) :
Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to
cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements
function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function
in server/dia/auutil.c.
CVE-2007-1547 (High) :
The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before
1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple
simultaneous connections, which triggers a NULL pointer dereference.
Aldas Nabazas
84c4ca2121