1
Candidate: CVE-2007-5825
3
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5825
5
Format string vulnerability in the ws_addarg function in webserver.c in
6
mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to
7
execute arbitrary code via a stats method action to /xml-rpc with format string
8
specifiers in the (1) username or (2) password portion of base64-encoded data
9
on the "Authorization: Basic" HTTP header line.
18
upstream_mt-daapd: released (0.9~r1696-1)
20
feisty_mt-daapd: needed
21
gutsy_mt-daapd: needed
22
hardy_mt-daapd: not-affected (0.9~r1696-1.1)
23
devel_mt-daapd: not-affected (0.9~r1696-1.3build1)