----------------------------------------------------------------------

Want a new job?

http://secunia.com/secunia_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/

International Partner Manager - Project Sales in the IT-Security
Industry:
http://corporate.secunia.com/about_secunia/64/

----------------------------------------------------------------------

TITLE:
Debian update for mt-daapd

SECUNIA ADVISORY ID:
SA30661

VERIFY ADVISORY:
http://secunia.com/advisories/30661/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
>From local network

OPERATING SYSTEM:
Debian GNU/Linux 4.0
http://secunia.com/product/13844/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/

DESCRIPTION:
Debian has issued an update for mt-daapd. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) or to potentially compromise a vulnerable
system.

For more information:
SA28269
SA29919

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1.dsc
Size/MD5 checksum:765 a303c40811df75fd395c28485d038ceb
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1.diff.gz
Size/MD5 checksum: 8929 a565dacb5773182a44b367b6c78a0da8
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376.orig.tar.gz
Size/MD5 checksum: 995301 c427c26e93914290b7cd615835ea333a

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_alpha.deb
Size/MD5 checksum: 637280 653700658a98af964ca5fabf5ff4086b

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_amd64.deb
Size/MD5 checksum: 610844 9297976354240c5a75b2c3636fe0746d

arm architecture (ARM)

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_arm.deb
Size/MD5 checksum: 593834 58ccb78ac69ba94fff63580d19abec49

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_hppa.deb
Size/MD5 checksum: 628712 9424c2f2edb35321b05a59d7ef37b0d8

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_i386.deb
Size/MD5 checksum: 598872 3ffa9c84c8fac6542b0ee05ff0bb26a0

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_ia64.deb
Size/MD5 checksum: 680088 e8135a0ad1e70a95e4d0d6eafe475303

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_mips.deb
Size/MD5 checksum: 620220 156fd7841ebbf48977ffbc5dd1df35e6

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_mipsel.deb
Size/MD5 checksum: 615246 fcc02299e63b17c6d29621769a79efd8

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_powerpc.deb
Size/MD5 checksum: 620258 959237abd21efeb7b486bb092ad81d5e

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_s390.deb
Size/MD5 checksum: 623142 a74cec69d272a1ba4fe9d232b992b572

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_sparc.deb
Size/MD5 checksum: 595390 6eb767c6fb3d4a12448928f31754f0c5

-- Debian GNU/Linux unstable alias sid --

Fixed in version 0.9~r1696-1.3.

ORIGINAL ADVISORY:
http://lists.debian.org/debian-security-announce/2008/msg00177.html

OTHER REFERENCES:
SA28269:
http://secunia.com/advisories/28269/

SA29919:
http://secunia.com/advisories/29919/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------