QwikSec

Security Database

CVE

CWE

Training

CVE-2003-0054

Published: Sep 1, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt

x_refsource_CONFIRM

quicktime-darwin-describe-xss(11405)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.