Denial of Service Vulnerability in Apple QuickTime and Darwin Streaming Server
CVE-2003-0421

Currently unrated

Key Information:

Vendor: Apple
Status: Darwin Streaming Server
Vendor: CVE Published:; 27 August 2003

Summary

A flaw in Apple QuickTime and Darwin Streaming Server allows remote attackers to exploit certain requests on HTTP port 1220. By including an MS-DOS device name like 'AUX', attackers can trigger a crash, rendering the service unavailable. This issue poses a serious risk to the continuity of streaming and media services relying on affected versions prior to 4.1.3f.

References

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/...

mailing-listx_refsource_VULNWATCH

http://www.rapid7.com/advisories/R7-0015.html

x_refsource_MISC

Timeline

Vulnerability published
Aug 27, 2003
Vulnerability Reserved
Jun 11, 2003