Debian Security Advisory 1597-1 – Three vulnerabilities have been discovered in the mt-daapd DAAP audio server (also known as the Firefly Media Server). Insufficient validation and bounds checking of the Authorization: HTTP header enables a heap buffer overflow, potentially enabling the execution of arbitrary code. Format string vulnerabilities in debug logging within the authentication of XML-RPC requests could enable the execution of arbitrary code. An integer overflow weakness in the handling of HTTP POST variables could allow a heap buffer overflow and potentially arbitrary code execution.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/67267/dsa-1597-1.txt
Source: https://packetstormsecurity.com/files/67267/Debian-Linux-Security-Advisory-1597-1.html