VID | 23197
Severity | 40
Port | 554
Protocol | TCP
Class | RTSP
Detailed Description |
The Darwin Streaming Server, according to its banner, is affected by two buffer overflow vulnerabilities. Apple Darwin Streaming Server is a media streaming server. Darwin Streaming Server versions prior to 5.5.5 contain two buffer overflow vulnerabilities: one triggered by multiple trackID values in a SETUP RTSP request, and one triggered by a long cmd or server value in an RTSP request. An unauthenticated remote attacker could exploit these vulnerabilities using specially crafted RTSP requests to crash the affected service or to execute arbitrary code with the privileges of the target service, generally root.
* Note: If this check relied solely on the banner of the remote RTSP server to assess this vulnerability, the result may be a false positive.
* References:
  http://docs.info.apple.com/article.html?artnum=305495
  http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533
  http://www.frsirt.com/english/advisories/2007/1770
  http://securitytracker.com/alerts/2007/May/1018047.html
  http://secunia.com/advisories/25193
* Platforms Affected: Apple Computer, Inc., Darwin Streaming Server versions prior to 5.5.5; any operating system; any version
Recommendation |
Upgrade to the latest version of Darwin Streaming Server (5.5.5 or later), available from the Darwin Streaming Server Web page at http://docs.info.apple.com/article.html?artnum=305495
Related URL | CVE-2007-0748, CVE-2007-0749 (CVE)
Related URL | 23918 (SecurityFocus)
Related URL | 34225, 34222 (ISS)