4283 matches found
Apple QuickTimeDarwin Streaming Server 4.1.3 QTSSReflector Module - Integer Overflow
Apple QuickTimeDarwin Streaming Server 4.1.3 QTSSReflector Module - Integer Overflow source: https://www.securityfocus.com/bid/7659/info A vulnerability has been reported for Apple QuickTime/Darwin Streaming Server. The problem is said to occur within the QTSSReflector module while processing the...
Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module - Integer Overflow
source: https://www.securityfocus.com/bid/7659/info A vulnerability has been reported for Apple QuickTime/Darwin Streaming Server. The problem is said to occur within the QTSSReflector module while processing the ANNOUNCE command. Specifically, by specifying an extremely large value as an argumen...
WsMp3 Daemon (WsMp3d) HTTP Traversal Arbitrary File Execution/Access
The remote host is using wsmp3d, an MP3 streaming web server. There is a flaw in this server that allows anyone to execute arbitrary commands and read arbitrary files with the privileges this server is running with. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid1164...
Helix Servers View Source Plug-in RTSP Parser Overflow
The remote host is running RealServer or Helix Universal Server, media streaming servers. According to its banner, the version of the server installed on the remote host may be affected by a buffer overflow vulnerability when handling URLs with many '/' characters and another when handling...
CVE-2003-0050
parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters...
CVE-2003-0053
Cross-site scripting XSS vulnerability in parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message...
CVE-2003-0055
Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename...
CVE-2003-0054
Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed usin...
Re: QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Word. I've found two other issues in QuickTime Streaming Server v4.1.1 that seem to be fixed in the newest v4.1.3: 1. File probing: Request: http://localhost:1220/parsexml.cgi?filename=../nonexistent Response: 'Can't access HTML file '../nonexistent'!...
Apple QuickTimeDarwin Streaming Server 4.1.x - parse_xml.cgi File Disclosure
Apple QuickTimeDarwin Streaming Server 4.1.x - parsexml.cgi File Disclosure source: https://www.securityfocus.com/bid/6990/info A file retrieval vulnerability has been reported for QuickTime/Darwin Streaming Server. The vulnerability exists due to insufficient sanitization of some parameters give...
QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities Release Date: 03-24-2003 Application: Darwin Streaming Server 4.1.2 QuickTime Streaming Server 4.1.1 Platform: MacO...
Darwin Streaming Server <= 4.1.2 (parse_xml.cgi) Code Execution Expl
Exploit for macOS platform in category remote exploits ======================================================================= Darwin Streaming Server 'filename'; $templatefile = $query-'template'; Based on http://wbyte.ath.cx/wbyte/researches/qtss-core.txt use IO::Socket; use LWP::Simple; use LW...
Darwin Streaming Server 4.1.2 - parse_xml.cgi Code Execution
Darwin Streaming Server 4.1.2 - parsexml.cgi Code Execution !/usr/bin/perl QTTS REMOTE ROOT exploit by FOXMULDER [email protected] FOXMULDER PRESENTS foxmulderatabv.bg DarwinOSX4.x? 5.X QTSSQuick Time Stream Server 3.X The bug in Darwin 5.X with unpatched QTSS in parsexml.cgi which lead to remote...
Darwin Streaming Server <= 4.1.2 (parse_xml.cgi) Code Execution Exploit
No description provided by source. !/usr/bin/perl QTTS REMOTE ROOT exploit by FOXMULDER [email protected] FOXMULDER PRESENTS foxmulderatabv.bg DarwinOSX4.x? 5.X QTSSQuick Time Stream Server 3.X The bug in Darwin 5.X with unpatched QTSS in parsexml.cgi which lead to remote root compromise: $filenam...
Darwin Streaming Server 4.1.2 - 'parse_xml.cgi' Code Execution
!/usr/bin/perl QTTS REMOTE ROOT exploit by FOXMULDER [email protected] FOXMULDER PRESENTS foxmulderatabv.bg DarwinOSX4.x? 5.X QTSSQuick Time Stream Server 3.X The bug in Darwin 5.X with unpatched QTSS in parsexml.cgi which lead to remote root compromise: $filename = $query-'filename'; $templatefil...
CVE-2001-1083
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service crash via a URL that ends in . dot, / forward slash, or \ backward slash...
[RHSA-2002:078-04] Updated mpg321 packages available
--------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated mpg321 packages available Advisory ID: RHSA-2002:078-04 Issue date: 2002-04-30 Updated on: 2002-05-06 Product: Red Hat Linux Keywords: mp321 buffer overflow network Cros...
Shoutcast Server Buffer Crashes Server
The following information is being released by PA Networks to expose a potential problem with the Shoutcast server for Linux version v1.7.1 for Shoutcast Distributed Network Audio Server. During testing of new streams the following was discovered. Software Needed To Perform This Overflow: Winamp...
Microsoft Windows Media Services 4.04.1 - Denial of Service (MS00-038)
Microsoft Windows Media Services 4.04.1 - Denial of Service MS00-038 // source: https://www.securityfocus.com/bid/1282/info Windows Media Encoder is part of Windows Media Services. It's purpose is to convert content into a suitable format for video or audio streaming through the Media Services. I...
Remote DoS attack in Real Networks Real Server Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS attack in Real Networks Real Server Vulnerability "with a 412 byte attack EVERY RealServer is vulnerable to this D.O.S attack" USSR Advisory Code: USSR-2000038 Release Date: April 20, 2000 Systems Affected: Real Networks Real Server 7 linux...