Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Nero MediaHome, which can be exploited by malicious people to cause a DoS (Denial of Service).
ecebd859814689dd54e86587769016744b465fd819f251dabf6e5d4fa21bccba
----------------------------------------------------------------------
Secunia Network Software Inspector 2.0 (NSI) - Public Beta
17 days left of beta period.
The 1st generation of the Secunia Network Software Inspector (NSI)
has been available for corporate users for almost 1 year and its been
a tremendous success.
The 2nd generation Secunia NSI is built on the same technology as the
award winning Secunia PSI, which has already been downloaded and
installed on more than 400,000 computers world wide.
Learn more / Download (instant access):
http://secunia.com/network_software_inspector_2/
----------------------------------------------------------------------
TITLE:
Nero MediaHome Denial of Service Vulnerability
SECUNIA ADVISORY ID:
SA29808
VERIFY ADVISORY:
http://secunia.com/advisories/29808/
CRITICAL:
Less critical
IMPACT:
DoS
WHERE:
>From local network
SOFTWARE:
Nero MediaHome 3.x
http://secunia.com/product/17236/
DESCRIPTION:
Luigi Auriemma has discovered a vulnerability in Nero MediaHome,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
The vulnerability is caused due to a NULL-pointer dereference error
in NMMediaServer.exe and can be exploited to cause the process to
crash via e.g. sending an overly long string to default port
54444/TCP.
The vulnerability is confirmed in version 3.3.3.0 included in Nero
version 8.3.2.1. Other versions may also be affected.
SOLUTION:
Use in a trusted network environment only.
PROVIDED AND/OR DISCOVERED BY:
Luigi Auriemma
ORIGINAL ADVISORY:
http://aluigi.altervista.org/adv/neromedia-adv.txt
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------