Summary
Cross site scripting, buffer overflow and remote command execution on QuickTime/Darwin Streaming Administration Server.
This is due to parsing problems in the Perl script parse_xml.cgi.
The worst of these vulnerabilities allows remote command execution, usually as root or administrator.
These servers are installed by default on port 1220.
See:
http://www.atstake.com/research/advisories/2003/a022403-1.txt
Solution
Obtain a patch or new software from Apple, or block this port (TCP 1220) from Internet access.
*** OVS reports this vulnerability using only information that was gathered.
*** Only the existence of the potentially vulnerable CGI script was tested.
Severity
Classification
CVE: CVE-2003-0050, CVE-2003-0051, CVE-2003-0052, CVE-2003-0053, CVE-2003-0054, CVE-2003-0055
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities