Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0169

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0169
Last Modified 10 Sep 2008 03:25:20
Published 15 Mar 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0169

Summary

QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function.

Vulnerable Systems

Application

  • Apple Darwin Streaming Server 4.1.3


References

CERT-VN - VU#460350

BID - 9735

XF - darwin-describe-request-dos(15291)

OSVDB - 6837

OSVDB - 6826

IDEFENSE - 20040223 Darwin Streaming Server Remote Denial of Service Vulnerability

APPLE - APPLE-SA-2004-02-23


Last Updated: 27 May 2016 10:38:30