Your submission was sent successfully! Close

USN-446-1: NAS vulnerabilities

28 March 2007

NAS vulnerabilities



Luigi Auriemma discovered multiple flaws in the Network Audio System
server. Remote attackers could send specially crafted network requests
that could lead to a denial of service or execution of arbitrary code.
Note that default Ubuntu installs do not include the NAS server.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 6.10
  • nas - 1.8-2ubuntu0.1
Ubuntu 6.06
  • nas - 1.7-3ubuntu3.2
Ubuntu 5.10
  • nas - 1.7-2ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.