lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <d65cd4390507130221a5bc4db@mail.gmail.com> Date: Wed Jul 13 10:21:31 2005 From: smaillist at gmail.com (Sowhat .) Subject: APPLE Darwin Streaming Server Web Admin Remote Denial of Serivce APPLE Darwin Streaming Server Web Admin Remote Denial of Serivce By Sowhat 2005.07.13 http://secway.org/Advisory/AD20050713.txt Vendor Apple Inc. Product Affected Darwin Streaming Server 5.5 and below (for Win32) CVE-ID: CAN-2005-2195 OverView: Darwin Streaming Server is server technology allowing for the streaming of QuickTime data to clients across the Internet using the industry standard RTP and RTSP protocols. Details: Darwin Streaming Server is distributed with a web-based admin application that allows it to be configured through a web browser. Version 5.5 and below of the Windows 2000/2003 Server distribution of this package is vulnerable to a denial of service. Exploitation of this flaw allows unauthenticated remote attackers to prevent legitimate usage. The vulnerability specifically occurs upon the attacker Requesting a MS-DOS device name (e.g. AUX) over HTTP (port 1220) with a .cgi extention. please note that this is not the CAN-2003-0421 And CAN-2003-0502 reported bye Rapid7 in 2003, http://www.rapid7.com/advisories/R7-0015.html CAN-2003-0421 GET /AUX HTTP/1.0 CAN-2003-0502 GET /../AUX HTTP/1.0 This time , GET /AUX.cgi HTTP/1.0 Vendor Response: Vendor notified on 2005.06.27 via email to product-security@...le.com Vendor responsed on 2005.06.28 AND published the patched version 5.5.1 on 2005.07.12 Please update to Darwin Streaming Server 5.5.1 http://developer.apple.com/darwin/projects/streaming/
Powered by blists - more mailing lists