27 matches found
EUVD-2003-0048
Malware in sbrugna...
EUVD-2003-0050
Malware in sbrugna...
EUVD-2003-0049
Malware in sbrugna...
EUVD-2003-1404
Malware in sbrugna...
EUVD-2005-2196
Malware in sbrugna...
EUVD-2003-1403
Malware in sbrugna...
CVE-2003-1413
The CVE-2003-1413 entry concerns Apple Darwin Streaming Server 4.1.1, where parse_xml.cgi is vulnerable to a path-based check that leaks file existence information. By supplying a filename parameter containing ".." sequences, an attacker can trigger distinct error messages that allow remote deter...
CVE-2003-1414
CVE-2003-1414 describes a directory traversal vulnerability in the parse_xml.cgi component of Apple Darwin Streaming Server 4.1.2 and Apple QuickTime Streaming Server 4.1.1. The issue allows remote attackers to read arbitrary files by manipulating the filename parameter. The vulnerability affects...
CVE-2003-1413
parsexml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages...
Darwin Streaming Server < 5.5.5 Multiple RCE Vulnerabilities
According to its banner, the version of Apple Darwin Streaming Server running on the remote host is prior to version 5.5.5. It is, therefore, affected by multiple vulnerabilities : - A heap buffer overflow condition exists in the Apple Darwin Streaming Proxy that allows an unauthenticated, remote...
CVE-2007-0749
Multiple stack-based buffer overflows in the iscommand function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long 1 cmd or 2 server value in an RTSP request...
CVE-2007-0749
Multiple stack-based buffer overflows in the iscommand function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long 1 cmd or 2 server value in an RTSP request...
CVE-2007-0749
Apple Darwin Streaming Proxy contains a stack-based buffer overflow in the is_command() function of proxy.c, exploitable via an overly long cmd or server value in an RTSP request. Affected: Darwin Streaming Server before 5.5.5. Impact: remote code execution with the privileges of the running serv...
Apple Darwin Streaming Proxy multiple buffer overflows
Multiple buffer overflows on parsing different commands...
iDefense Security Advisory 05.10.07: Apple Darwin Streaming Proxy Multiple Vulnerabilities
Apple Darwin Streaming Proxy Multiple Vulnerabilities iDefense Security Advisory 05.10.07 http://labs.idefense.com/intelligence/vulnerabilities/ May 10, 2007 I. BACKGROUND Darwin Streaming Server is a server technology that facilitates streaming of QuickTime data to clients across the Internet...
CVE-2005-2195
Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service application crash via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502...
Apple Darwin Streaming Server special device name DoS
DoS with Web interface while requesting document with special DOS device name...
Apple Darwin Streaming Server NULL pointer DoS
Null pointer reference in DESCRIBE command...
CVE-2003-0055
Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename...
CVE-2003-0052
parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories...