VID | 27340
Severity | 40
Port | 3689
Protocol | TCP
Class | P2P
Detailed Description |
The iTunes HTTP server, according to its banner, has a local code execution vulnerability via its helper application. iTunes is a digital jukebox for Mac OS X and Microsoft Windows operating systems. It has a file sharing option that lets users share audio and other media files. Because of the way the iTunes 4.7.1.30 and 5 releases for Microsoft Windows launch the helper application, multiple system paths are searched to determine which program to run. An attacker with local access could exploit this flaw by placing a malicious program in a system path so that it is called before the iTunes helper application.
* Note: This check relies solely on the banner of the remote Web server to assess this vulnerability, so the result might be a false positive.
* References:
  http://docs.info.apple.com/article.html?artnum=302848
  http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities
  http://lists.apple.com/archives/security-announce/2005/Nov/msg00001.html
  http://securitytracker.com/id?1015222
* Platforms Affected: Apple iTunes 4.7.1.30 and 5 for Microsoft Windows; Microsoft Windows, any version |
Recommendation | Upgrade to the iTunes 6 release for Microsoft Windows or later, available from the iTunes Download Web site at http://www.apple.com/itunes/download/
Related URL | CVE-2005-2938 (CVE)
Related URL | 15446 (SecurityFocus)
Related URL | (ISS)