CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2013-4256 – Debian Security Advisory 2771-1
https://notcve.org/view.php?id=CVE-2013-4256
20 Aug 2013 — Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in server/os/access.c; (3) open_unix_socket, (4) open_isc_local, (5) open_xsight_local, (6) open_att_local, or (7) open_att_svr4_local function in server/os/connection.c; the (8) AUDIOHOST environment variable to th... • http://radscan.com/pipermail/nas/2013-August/001270.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2013-4258 – Debian Security Advisory 2771-1
https://notcve.org/view.php?id=CVE-2013-4258
20 Aug 2013 — Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog. Vulnerabilidad de cadena de formato en la función de osLogMsg en server/os/aulog.c de Network Audio System (NAS) 1.9.3 permite a atacantes remotos provocar una denegación de servicio (cuelgue) o posiblemente ejecutar código arbitrari... • http://radscan.com/pipermail/nas/2013-August/001270.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 10.0EPSS: 7%CPEs: 3EXPL: 1CVE-2007-1543
https://notcve.org/view.php?id=CVE-2007-1543
20 Mar 2007 — Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection. Desbordamiento de búfer basado en pila en la función accept_att_local en server/os/connection.c de Network Audio System (NAS) anterior a 1.8a SVN 237 permite a atacantes remotos ejecutar código de su elección mediante un nombre largo una conexión de socket USL. • http://aluigi.altervista.org/adv/nasbugs-adv.txt •
CVSS: 9.8EPSS: 6%CPEs: 3EXPL: 1CVE-2007-1544
https://notcve.org/view.php?id=CVE-2007-1544
20 Mar 2007 — Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value. Desbordamiento de enteros en la función ProcAuWriteElement en server/dia/audispatch.c en Network Audio System (NAS) anterior a 1.8a SVN 237 permite a atacantes remotos provocar denegación de servicio (caida) y posiblemente ejecutar código de su elección a... • http://aluigi.altervista.org/adv/nasbugs-adv.txt •
CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 1CVE-2007-1545
https://notcve.org/view.php?id=CVE-2007-1545
20 Mar 2007 — The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID. La función AddResource en server/dia/resource.c de Network Audio System (NAS) anterior a 1.8a SVN 237 permite a atacantes remotos provocar una denegación de servicio (caída del servidor) mediante un identificador de cliente inexistente. • http://aluigi.altervista.org/adv/nasbugs-adv.txt •
CVSS: 7.5EPSS: 5%CPEs: 3EXPL: 1CVE-2007-1546
https://notcve.org/view.php?id=CVE-2007-1546
20 Mar 2007 — Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c. Error de índice de array en Network Audio System (NAS) anterior a 1.8a SVN 237 permite a atacantes remotos provocar una denegación de servicio (caída) mediante (1) valores grandes de num_action en la fu... • http://aluigi.altervista.org/adv/nasbugs-adv.txt •
CVSS: 7.8EPSS: 3%CPEs: 4EXPL: 0CVE-2007-1547
https://notcve.org/view.php?id=CVE-2007-1547
20 Mar 2007 — The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference. La función ReadRequestFromClient en server/os/io.c de Network Audio System (NAS) anterior a 1.8a SVN 237 permite a atacantes remotos provocar una denegación de servicio (caída) mediante múltiples conexiones simultaneas, lo cual provoca una referencia a un puntero nu... • http://aluigi.altervista.org/adv/nasbugs-adv.txt •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2007-1371 – radscan conquest 8.2 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-1371
10 Mar 2007 — Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) allow attackers to have an unknown impact by exceeding the configured number of metaservers; and allow remote attackers to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3) unum or (4) snum, diff... • https://www.exploit-db.com/exploits/29717 •