Site Network: | | Jongsma & Jongsma

Security for All

Sûnnet Beskerming is a company with a focus and a drive to provide Information Security services for all those who want to stay safe and secure in an online world.

Username: | Password: Contact us to request an account

Darwin Streaming Server - Remote hacker automatic control

Version: 5.5.4 and prior.
Technical Details:

Two buffer overflows in the Darwin Streaming Proxy when handling RTSP requests can lead to arbitrary code execution. It appears that these vulnerabilities are very similar to issues already patched in QuickTime.


The Darwin Streaming Server is the open source Darwin equivalent to the QuickTime Streaming Server that is available for the OS X platform. Patches have been released to address a set of vulnerabilities that appear to be related to previously disclosed and patched issues with QuickTime (certain streaming protocols had some inbuilt weaknesses). In the worst case, an attacker could gain control over a vulnerable system that was running the Server, by supplying malicious network traffic.


Update to Streaming Server 5.5.5 at the earliest opportunity.




External Tracking Data:

CVE-ID: CVE-2007-0749 CVE-ID: CVE-2007-0748

Social bookmark this page