4230 matches found
CVE-2003-0055
Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename...
CVE-2004-0169
QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service crash via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function...
CVE-2003-0052
parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories...
launch.yahoo.com Streaming Client Detection (deprecated)
Binary data 2525.prm...
FreeBSD : Darwin Streaming Server denial-of-service vulnerability (1)
The following package needs to be updated: DarwinStreamingServer %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgc7cad0f0671a11d8bdeb000a95bc6fae.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML :...
CVE-2004-0433
Multiple buffer overflows in the Real-Time Streaming Protocol RTSP client for 1 MPlayer before 1.0pre4 and 2 xine lib xine-lib before 1-rc4, when playing Real RTSP realrtsp streams, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long URLs, b lo...
CVE-2004-0169
QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service crash via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function...
Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests
Overview Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests containing overly large User-Agent fields. This could allow an unauthenticated, remote attacker to cause a denial-of-service condition. Description Apple's QuickTime and Darwin Streaming Server is software...
QuickTime/Darwin Streaming Server multiple bugs
Multiple bugs including uncommented shell characters, buffer overflows, etc...
[Full-Disclosure] iDEFENSE Security Advisory 02.23.04: Darwin Streaming Server Remote Denial of Service Vulnerability
iDEFENSE Security Advisory 02.23.04 Darwin Streaming Server Remote Denial of Service Vulnerability http://www.idefense.com/application/poi/display?id=75 February 23, 2004 I. BACKGROUND Darwin Streaming Server is server technology allowing for the streaming of QuickTime data to clients across the...
Darwin Streaming Server denial-of-service vulnerability
An attacker can cause an assertion to trigger by sending a long User-Agent field in a request...
CVE-2003-1414
Directory traversal vulnerability in parsexml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... triple dot in the filename parameter...
CVE-2003-1413
parsexml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages...
Apple QuickTime/Darwin Streaming Server integer overflow in MP3Broadcaster utility
Overview Apple's QuickTime and Darwin Streaming Server DSS package includes a utility called MP3Broadcaster. This utility contains an integer overflow which may be exploited to cause a denial of service. Description Apple's QuickTime and Darwin Streaming Server is software which provides integrat...
mpg123[v0.59r,v0.59s]: remote client-side heap corruption exploit.
did an audit of mpg123my mp3 player of choice, found a remotely exploitable bug in audio streaming servicehttpget.c; applies to v0.59r and v0.59spre, up to current as of writing this. the exploit comments explain how it works and how to find the memory addresses neededif not already a target valu...
MPG123 0.59 - Remote File Play Heap Corruption
// source: https://www.securityfocus.com/bid/8680/info A problem in the handling of some types of remote files has been reported in mpg123. Because of this, it may be possible for a remote attacker to execute arbitrary code with the privileges of the mpg123 user. / mpg123v0.59r,v0.59s: remote...
CVE-2003-0424
Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space %20 or . %2e characters to an HTTP request for the script, e.g. viewbroadcast.cgi...
CVE-2003-0425
Apple QuickTime/Darwin Streaming Server before 4.1.3f (Win32) is vulnerable to Web Root Traversal and Arbitrary File Disclosure via HTTP requests containing three dots to break out of the web root (e.g., /.../qtusers). The issue affects Darwin Streaming Server v4.1.3e and earlier (Win32). Fixed: ...
CVE-2003-0425
Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary files via a ... triple dot in an HTTP request...
CVE-2003-0426
CVE-2003-0426 : In Apple QuickTime/Darwin Streaming Server, prior to 4.1.3f, the HTTP-based admin server presents a Setup Assistant on first install that allows a remote attacker to set the administrator password and gain privileges before the legitimate administrator. Affected: Darwin Streaming ...