Path Traversal Vulnerability in Apple Darwin Streaming Server
CVE-2003-1413

Currently unrated

Key Information:

Vendor: Apple
Status: Quicktime Streaming Server; Darwin Streaming Server
Vendor: CVE Published:; 31 December 2003

Summary

A vulnerability in parse_xml.cgi within Apple Darwin Streaming Server 4.1.1 allows remote attackers to exploit path traversal techniques. By utilizing '..' sequences in the filename parameter, attackers can ascertain the existence of arbitrary files based on the error messages returned by the server. This could lead to unauthorized access to sensitive information if exploited effectively.

References

http://securityreason.com/securityalert/3260

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/313517

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/11445

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
Oct 19, 2007
Vulnerability published
Dec 31, 2003