iTunes < 8.1 Multiple Vulnerabilities

According to its banner, the version of iTunes installed on the remote host is older than 8.1.

Such versions may be affected by multiple vulnerabilities :

• It may be possible to cause a denial of service by sending a maliciously crafted DAAP header to the application. Note that this flaw only affects iTunes running on a Windows host. (CVE-2009-0016)

• When subscribing to a podcast an authentication dialog may be presented without clarifying the origin of the authentication request. An attacker could exploit this flaw in order to steal the user’s iTunes credentials. (CVE-2009-0143)");