USN-1986-1: Network Audio System (NAS) vulnerabilities

Ubuntu Security Notice USN-1986-1

1st October, 2013

nas vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 13.04
  • Ubuntu 12.10
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in Network Audio System (NAS).

Software description

  • nas - Network Audio System

Details

Hamid Zamani discovered multiple security issues in the Network Audio
System (NAS) server. An attacker could possibly use these issues to cause a
denial of service or execute arbitrary code. (CVE-2013-4256, CVE-2013-4257)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 13.04:
nas 1.9.3-5ubuntu0.13.04.1
Ubuntu 12.10:
nas 1.9.3-5ubuntu0.12.10.1
Ubuntu 12.04 LTS:
nas 1.9.3-4ubuntu0.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2013-4256, CVE-2013-4257