Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module – Integer Overflow

19次阅读
没有评论

Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module – Integer Overflow

漏洞ID 1053882 漏洞类型
发布时间 2003-05-22 更新时间 2003-05-22
Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module - Integer OverflowCVE编号 N/A
Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module - Integer OverflowCNNVD-ID N/A
漏洞平台 OSX CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22629
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/7659/info

A vulnerability has been reported for Apple QuickTime/Darwin Streaming Server. The problem is said to occur within the QTSSReflector module while processing the ANNOUNCE command. Specifically, by specifying an extremely large value as an argument within an ANNOUNCE request, it is possible to trigger an unexpected calculation causing the server to crash.

Although it has not been confirmed, it is speculated that this issue may be exploitable to corrupt memory. 

$ perl -e 'print "ANNOUNCE /.sdp RTSP/1.0nContent-length:4294967295nn","A"x8192' | nc -v localhost 554

相关推荐: TransSoft Broker User Name Buffer Overflow Vulnerability

TransSoft Broker User Name Buffer Overflow Vulnerability 漏洞ID 1104469 漏洞类型 Boundary Condition Error 发布时间 1999-11-08 更新时间 1999-11-0…

正文完
 0