10 matches found
VulnCheck KEV: CVE-2003-0050
parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters...
QuickTime Streaming Server parse_xml.cgi Remote Execution
$Id: qtssparsexmlexec.rb 7776 2009-12-09 15:13:35Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...
Quicktime/Darwin 4.1.x Streaming Administration Server 'parse_xml.cgi' Multiple Vulnerabilities
QuickTime/Darwin streaming administration server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2005 Michael Scheidell Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2003-0050
The CVE-2003-0050 issue affects Apple’s Darwin Streaming Administration Server (v4.1.2) and QuickTime Streaming Server (v4.1.1). It stems from parse_xml.cgi, where shell metacharacters injected by an attacker enable remote code execution. Multiple sources (NVD, CVE list, OpenVAS-style advisories)...
CVE-2003-0423
Apple QuickTime/Darwin Streaming Server’s parse_xml.cgi vulnerability (CVE-2003-0423) allows remote access to the source code of files via /parse_xml.cgi?filename=[file] for DS 4.1.3g and earlier. The issue is caused by Web root script disclosure, with no fix available at the time and Apple inves...
Apple QuickTimeDarwin Streaming Server 4.1.x - parse_xml.cgi File Disclosure
Apple QuickTimeDarwin Streaming Server 4.1.x - parsexml.cgi File Disclosure source: https://www.securityfocus.com/bid/6990/info A file retrieval vulnerability has been reported for QuickTime/Darwin Streaming Server. The vulnerability exists due to insufficient sanitization of some parameters give...
Darwin Streaming Server 4.1.2 - parse_xml.cgi Code Execution
Darwin Streaming Server 4.1.2 - parsexml.cgi Code Execution !/usr/bin/perl QTTS REMOTE ROOT exploit by FOXMULDER [email protected] FOXMULDER PRESENTS foxmulderatabv.bg DarwinOSX4.x? 5.X QTSSQuick Time Stream Server 3.X The bug in Darwin 5.X with unpatched QTSS in parsexml.cgi which lead to remote...
Darwin Streaming Server <= 4.1.2 (parse_xml.cgi) Code Execution Exploit
No description provided by source. !/usr/bin/perl QTTS REMOTE ROOT exploit by FOXMULDER [email protected] FOXMULDER PRESENTS foxmulderatabv.bg DarwinOSX4.x? 5.X QTSSQuick Time Stream Server 3.X The bug in Darwin 5.X with unpatched QTSS in parsexml.cgi which lead to remote root compromise: $filenam...
Darwin Streaming Server <= 4.1.2 (parse_xml.cgi) Code Execution Expl
Exploit for macOS platform in category remote exploits ======================================================================= Darwin Streaming Server 'filename'; $templatefile = $query-'template'; Based on http://wbyte.ath.cx/wbyte/researches/qtss-core.txt use IO::Socket; use LWP::Simple; use LW...
Darwin Streaming Server 4.1.2 - 'parse_xml.cgi' Code Execution
!/usr/bin/perl QTTS REMOTE ROOT exploit by FOXMULDER [email protected] FOXMULDER PRESENTS foxmulderatabv.bg DarwinOSX4.x? 5.X QTSSQuick Time Stream Server 3.X The bug in Darwin 5.X with unpatched QTSS in parsexml.cgi which lead to remote root compromise: $filename = $query-'filename'; $templatefil...