Buffer-overflow in Quicktime Player 7.3.1.70 Jan 10 2008 06:45PM
Luigi Auriemma (aluigi autistici org) (1 replies)
Re: Buffer-overflow in Quicktime Player 7.3.1.70 Jan 10 2008 09:39PM
Marcello Barnaba (void) (vjt openssl it) (2 replies)
Re: Buffer-overflow in Quicktime Player 7.3.1.70 Jan 12 2008 01:33PM
Luigi Auriemma (aluigi autistici org)
Re: Buffer-overflow in Quicktime Player 7.3.1.70 Jan 11 2008 09:14PM
Luigi Auriemma (aluigi autistici org) (1 replies)
Re: Buffer-overflow in Quicktime Player 7.3.1.70 Jan 12 2008 10:41PM
Marcello Barnaba (void) (vjt openssl it)

On Jan 11, 2008, at 10:14 PM, Luigi Auriemma wrote:

> Now talking about you, Marcello, the problem you had is just with
"your"
> same computer/network, probably you have a firewall or something
else (a
> "condition" as you define it) that simply makes your ports to appear
> filtered/timedout and so Quicktime gives up.

Yeah, you are right. Protocol switching was disabled in my Quicktime
preferences. Sorry about that.. I should have checked before writing
inaccurate statements here.

By the way, even with "Transport setup" -> "Automatic", the software
doesn't crash nor loops after reading the HTTP payload, but I really
don't know why.. It merely sits there, saying "Swiching transports".

Attached a full pcap dump of the session and QuickTime.app's version
plist.

Have fun! :)

Marcello

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>BuildVersion</key>
<string>7</string>
<key>CFBundleShortVersionString</key>
<string>7.3.1</string>
<key>CFBundleVersion</key>
<string>7.3.1</string>
<key>ProductBuildVersion</key>
<string>731A54a</string>
<key>ProjectName</key>
<string>QuickTime</string>
<key>SourceVersion</key>
<string>6400000</string>
</dict>
</plist>
?&/?Gdump.pcap»rxÓB&øÿBóëwºgNddp²A? ?]l?ØêAøÀ.&­5ºS8Az60ýÿÿϨ?Åþ#333##?üßY¦ 9&??@3u?|??Õ=¨f2iØÒ4?+@?á? D/Û+L÷ì~æ?½Òó¬ó§­'Ö=Ò¯0Ý?³ÕLéyö?ôÍÝ?ì?µ®Lî)Ø?æ? &72ë?oX̼qÕL??²$ts?æ2mÂn&ÃÌdqcb°?e0ÓdÁR¬îd??Û 4S(?dÈ!,æ8oÂê¶\Y¸Ìip?Lr 1?Ådç<æHüÿϤ?j?GHH?¾¡?¡???ã(£`$P92Õ³<Êý?«\3ÄY®½ÄR ­ÃVâ,FcdpÇQ0Ò@ÐÍ2P9òKy4û®òÈgy$ëY=??­<2ÅY
ÙX-ªFÁ( JûHÛ³<?yWyd?³<
?Ô?0Ç·þ5¶òÈ^ýs$Ø>ª¨äåâåY?Å¡"8Ú?Ë¡mXÌi<?Õ¡m`?
b7g*sZátO;.÷0b?³r3sp¸Ç?9?XýÕ4??{ɨ¤4é
--
pub 1024D/8D2787EF 723C 7CA3 3C19 2ACE 6E20 9CC1 9956 EB3C 8D27 87EF

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus