Apple QuickTime/Darwin Streaming Server DESCRIBE Request Remote Denial of Service Vulnerability

It has been reported that QuickTime/Darwin Streaming Server may be prone to a remote denial of service vulnerability that could allow an attacker to cause the server to crash or hang. The issue presents itself when the software attempts to parse DESCRIBE requests with specially crafted User-Agent fields.

QuickTime/Darwin Streaming Server version 4.1.3 is reported to be prone to this issue.

This issue was originally described in Apple Security Update 2004-02-23 Released To Fix Multiple Vulnerabilities (BID 9731).


Privacy Statement
Copyright 2010, SecurityFocus