Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:5806
HistoryFeb 24, 2004 - 12:00 a.m.

[Full-Disclosure] iDEFENSE Security Advisory 02.23.04: Darwin Streaming Server Remote Denial of Service Vulnerability

2004-02-2400:00:00
vulners.com
16
JSON

iDEFENSE Security Advisory 02.23.04

Darwin Streaming Server Remote Denial of Service Vulnerability
http://www.idefense.com/application/poi/display?id=75
February 23, 2004

I. BACKGROUND

Darwin Streaming Server is server technology allowing for the streaming
of QuickTime data to clients across the Internet using the industry
standard RTP and RTSP protocols.

II. DESCRIPTION

Exploitation of a flaw in Apple Computer Inc's Darwin Streaming Server
allows unauthenticated remote attackers to prevent legitimate usage.

The vulnerability specifically occurs upon parsing of DESCRIBE requests
with specially crafted User-Agent fields. Making a request with a
User-Agent field containing over 255 characters causes an assert error
in CommonUtilitiesLib/StringFormatter.h line 97:

virtual void BufferIsFull(char* /inBuffer/, UInt32/inBufferLen/)
{
Assert(0);
}

Successful exploitation disrupts further content streaming
capabilities.

III. ANALYSIS

Any remote unauthenticated attacker can exploit the vulnerability
thereby preventing legitimate users from accessing streamed content.

iDEFENSE has obtained proof of concept exploit code for this
vulnerability.

IV. DETECTION

iDEFENSE has confirmed that the latest version of Darwin Streaming
Server, version 4.1.3, is vulnerable.

V. VENDOR RESPONSE

This is fixed in Security Update 2004-02-23 available for Mac OS X
10.3.2 Server and Mac OS X 10.2.8 Server. The update and further
information is available from Apple's Support site at:
http://www.apple.com/support/

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
CAN-2004-0169 to this issue. This is a candidate for inclusion in the
CVE list (http://cve.mitre.org), which standardizes names for security
problems.

VII. DISCLOSURE TIMELINE

December 8, 2003 Exploit acquired by iDEFENSE
January 29, 2004 iDEFENSE clients notified
January 29, 2004 Initial vendor notification
January 29, 2004 Vendor response received
February 23, 2004 Coordinated public disclosure

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Related

nessus 2
cve 1
checkpoint_advisories 1
openvas 2
freebsd 1
cert 1
nessus
nessus
FreeBSD : Darwin Streaming Server denial-of-service vulnerability (c7cad0f0-671a-11d8-bdeb-000a95bc6fae)
2009-04-23 00:00:00
FreeBSD : Darwin Streaming Server denial-of-service vulnerability (1)
2004-07-06 00:00:00
cve
cve
CVE-2004-0169
2004-03-15 05:00:00
checkpoint_advisories
checkpoint_advisories
QuickTime-Darwin Denial of Service (CVE-2004-0169)
2010-03-11 00:00:00
openvas
openvas
FreeBSD Ports: DarwinStreamingServer
2008-09-04 00:00:00
FreeBSD Ports: DarwinStreamingServer
2008-09-04 00:00:00
freebsd
freebsd
Darwin Streaming Server denial-of-service vulnerability
2004-02-23 00:00:00
cert
cert
Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests
2004-02-25 00:00:00
JSON
Related for SECURITYVULNS:DOC:5806
nessus2cve1checkpoint_advisories1openvas2freebsd1cert1