Internet / Network Security
  1. Home
  2. Computing & Technology
  3. Internet / Network Security

[SA10956] Quicktime/Darwin Streaming Server DESCRIBE Request Denial of Service
Quicktime/Darwin Streaming Server DESCRIBE Request Denial of Service

From Secunia, for About.com

TITLE:
Quicktime/Darwin Streaming Server DESCRIBE Request Denial of Service

SECUNIA ADVISORY ID:
SA10956

VERIFY ADVISORY:
http://secunia.com/advisories/10956/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

SOFTWARE:
Darwin Streaming Server 4.x
Quicktime Streaming Server 4.x

DESCRIPTION:
iDEFENSE has reported a vulnerability in QuickTime/Darwin Streaming Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an assert error when parsing certain DESCRIBE requests. This can be exploited to disrupt functionality by sending such a request with specially crafted "User-Agent" fields containing more than 255 characters.

The vulnerability has been reported in version 4.1.3. Other versions may also be affected.

SOLUTION:
Apply Security Update 2004-02-23 for Mac OS X Server.

PROVIDED AND/OR DISCOVERED BY:
iDEFENSE

ORIGINAL ADVISORY:
http://www.idefense.com/application/poi/display?id=75&type=vulnerabilities

OTHER REFERENCES:
SA10959:
http://secunia.com/advisories/10959/

For further details and links please click here to see the actual Secunia Advisory: http://secunia.com/advisories/10956/

More Internet / Network Security Quick Tips
Explore Internet / Network Security
About.com Special Features
Family Tech Center

Stay connected and entertained with reviews on tips on the latest HDTVs, cellphones and more. More >

Connect Your Home Computers

Easy ways to connect two computers for networking purposes. More >

Internet / Network Security
  1. Home
  2. Computing & Technology
  3. Internet / Network Security

©2009 About.com, a part of The New York Times Company.

All rights reserved.