CERTVU:460350Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.03 Low
EPSS
Percentile
90.9%
Overview
Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests containing overly large User-Agent fields. This could allow an unauthenticated, remote attacker to cause a denial-of-service condition.
Description
Apple’s QuickTime and Darwin Streaming Server is software which provides integrated distribution of various forms of digital content. Such content can be delivered over a network using Real-Time Transport Protocol (RTP) and Real-Time Streaming Protocol (RTSP).
The RTSP provides a DESCRIBE method which according to RFC 2326 “retrieves the description of a presentation or media object identified by the request URL from a server. It may use the Accept header to specify the description formats that the client understands. The server responds with a description of the requested resource. The DESCRIBE reply-response pair constitutes the media initialization phase of RTSP.”
There is a vulnerability in the way the Quicktime/Darwin Streaming Server parses DESCRIBE requests containing specially crafted User-Agent fields. An attacker could exploit this vulnerability by sending a DESCRIBE request containing an overly large User-Agent field.
Impact
An unauthenticated, remote attacker could prevent legitimate users from accessing the streamed content.
Solution
Apply Patch
Apple has released a patch to address this vulnerability. For further details, please see the Apple Security Advisory (Security Update 2004-02-23).
Vendor Information
460350
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Apple Computer Inc. __ Affected
Updated: February 25, 2004
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Please refer to the Apple Security Advisory.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23460350 Feedback>).
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- <http://www.idefense.com/application/poi/display?id=75>
- <http://www.apple.com/support/security/security_updates.html>
- <http://www.ietf.org/rfc/rfc2326.txt>
Acknowledgements
This vulnerability was reported by iDefense.
This document was written by Damon Morda.
Other Information
| CVE IDs: | CVE-2004-0169 |
|---|---|
| Severity Metric: | 1.68 Date Public: |
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.03 Low
EPSS
Percentile
90.9%