USN-446-1: NAS vulnerabilities

28 March 2007

nas vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 6.10
  • Ubuntu 6.06 LTS
  • Ubuntu 5.10

Software Description

Details

Luigi Auriemma discovered multiple flaws in the Network Audio System server. Remote attackers could send specially crafted network requests that could lead to a denial of service or execution of arbitrary code.
Note that default Ubuntu installs do not include the NAS server.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 6.10
nas - 1.8-2ubuntu0.1
Ubuntu 6.06 LTS
nas - 1.7-3ubuntu3.2
Ubuntu 5.10
nas - 1.7-2ubuntu2.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system upgrade is sufficient to effect the necessary changes.

References