USN-446-1: NAS vulnerabilities
Ubuntu Security Notice USN-446-1
28th March, 2007
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 6.10
- Ubuntu 6.06 LTS
- Ubuntu 5.10
Luigi Auriemma discovered multiple flaws in the Network Audio System
server. Remote attackers could send specially crafted network requests
that could lead to a denial of service or execution of arbitrary code.
Note that default Ubuntu installs do not include the NAS server.
The problem can be corrected by updating your system to the following package version:
- Ubuntu 6.10:
- nas 1.8-2ubuntu0.1
- Ubuntu 6.06 LTS:
- nas 1.7-3ubuntu3.2
- Ubuntu 5.10:
- nas 1.7-2ubuntu2.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system upgrade is sufficient to effect the