search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests

Vulnerability Note VU#460350

Original Release Date: 2004-02-25 | Last Revised: 2004-03-15

Overview

Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests containing overly large User-Agent fields. This could allow an unauthenticated, remote attacker to cause a denial-of-service condition.

Description

Apple's QuickTime and Darwin Streaming Server is software which provides integrated distribution of various forms of digital content. Such content can be delivered over a network using Real-Time Transport Protocol (RTP) and Real-Time Streaming Protocol (RTSP).

The RTSP provides a DESCRIBE method which according to RFC 2326 "retrieves the description of a presentation or media object identified by the request URL from a server. It may use the Accept header to specify the description formats that the client understands. The server responds with a description of the requested resource. The DESCRIBE reply-response pair constitutes the media initialization phase of RTSP."

There is a vulnerability in the way the Quicktime/Darwin Streaming Server parses DESCRIBE requests containing specially crafted User-Agent fields. An attacker could exploit this vulnerability by sending a DESCRIBE request containing an overly large User-Agent field.

Impact

An unauthenticated, remote attacker could prevent legitimate users from accessing the streamed content.

Solution

Apply Patch
Apple has released a patch to address this vulnerability. For further details, please see the Apple Security Advisory (Security Update 2004-02-23).

Vendor Information

460350
 
Affected   Unknown   Unaffected

Apple Computer Inc.

Updated:  February 25, 2004

Status

  Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please refer to the Apple Security Advisory.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A

References

Credit

This vulnerability was reported by iDefense.

This document was written by Damon Morda.

Other Information

CVE IDs: CVE-2004-0169
Severity Metric: 1.68
Date Public: 2004-02-24
Date First Published: 2004-02-25
Date Last Updated: 2004-03-15 13:49 UTC
Document Revision: 12

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.