| VID |
22459 |
| Severity |
40 |
| Port |
3689,9999 |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Firefly Media Server is vulnerable to a format string vulnerability in the ws_addarg function. Firefly Media Server (previously known as Multi-Threaded DAAP Daemon - mt-daapd) is a media streaming server. Firefly Media Server version 0.2.4 and earlier versions could allow a remote attacker to execute arbitrary code on the system, caused by a format string vulnerability in the ws_addarg() function. By sending a specially-crafted HTTP authentication request containing malicious format specifiers in the username or password portion of base64-encoded data on the Authorization: Basic HTTP header line, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the affected service to crash.
* References:
http://sourceforge.net/project/shownotes.php?release_id=548679&group_id=98211
http://www.securityfocus.com/archive/1/483209/30/0/threaded
* Platforms Affected:
Firefly Media Server version 0.2.4 and earlier versions
Linux Any version |
| Recommendation |
Upgrade to the latest version of Firefly Media Server (mt-daapd) (0.2.4.1 or later), available from the FireFly Media Server Web site at http://www.fireflymediaserver.org/ |
| Related URL |
CVE-2007-5825 (CVE) |
| Related URL |
26310 (SecurityFocus) |
| Related URL |
38243 (ISS) |
|
