Hi, forgot to include the other CVE id: CVE-2007-5825[0]: | Format string vulnerability in the ws_addarg function in webserver.c | in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote | attackers to execute arbitrary code via a stats method action to | /xml-rpc with format string specifiers in the (1) username or (2) | password portion of base64-encoded data on the "Authorization: Basic" | HTTP header line.
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5825 http://security-tracker.debian.net/tracker/CVE-2007-5825 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgppQ5VHtcIyb.pgp
Description: PGP signature
