A vulnerability has been reported in Darwin Streaming Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
Remote exploitation of an input validation vulnerability in Apple Computer Inc.'s Darwin Streaming Server allows attackers to cause a denial of service condition. The vulnerability specifically occurs due to insufficient sanity checking on arguments to DESCRIBE requests. A remote attacker can send a request for a location containing a null byte to cause a denial of service condition resulting in the following backtrace:
    Program received signal SIGSEGV, Segmentation fault.
    [Switching to Thread 1026 (LWP 9648)]
    0x4207ac9e in chunk_free () from /lib/i686/libc.so.6
    (gdb) bt
    #0 0x4207ac9e in chunk_free () from /lib/i686/libc.so.6
    #1 0x4207ac24 in free () from /lib/i686/libc.so.6
    #2 0x08096406 in FindOrCreateSession (inPath=0x408caf3c, inParams=0x81746f0, inData=0x0, isPush=0, foundSessionPtr=0x0) at APIModules/QTSSReflectorModule/QTSSReflectorModule.cpp:1262
The vulnerability has been reported in version 5.0.1. Other versions may also be affected.
SOFTWARE:
Darwin Streaming Server 4.x
Darwin Streaming Server 5.x
SOLUTION:
We are not currently aware of an updated version or patches fixing the vulnerability.
Restrict access to the server.
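As an added example (not part of the original advisory and not code from Apple or iDEFENSE), the following Python check shows the request-line validation the description says is missing, in a form a filtering proxy or a log review could apply ahead of the server. It rejects a null byte in either raw or percent-encoded form, since the advisory does not say which form reaches the crash; the function names, decode-pass limit, and sample host and stream names are assumptions made for the illustration.

```python
import re
from urllib.parse import unquote_to_bytes

# RTSP request line: METHOD SP Request-URI SP RTSP/x.y
REQUEST_LINE = re.compile(rb"^([A-Z_]+) (\S+) RTSP/(\d\.\d)$")
MAX_DECODE_PASSES = 3  # assumption: enough to unwrap nested encodings like %2500


def decode_fully(uri: bytes) -> bytes:
    """Percent-decode repeatedly so %2500 is seen as %00 and then as NUL."""
    for _ in range(MAX_DECODE_PASSES):
        decoded = unquote_to_bytes(uri)
        if decoded == uri:
            break
        uri = decoded
    return uri


def check_request(raw: bytes) -> tuple[bool, str]:
    """Return (allowed, reason) for one raw RTSP request."""
    line = raw.split(b"\r\n", 1)[0]
    if b"\x00" in line:
        return False, "raw NUL byte in request line"
    m = REQUEST_LINE.match(line)
    if m is None:
        return False, "malformed request line"
    uri = decode_fully(m.group(2))
    if b"\x00" in uri:
        return False, "percent-encoded NUL byte in Request-URI"
    if any(b < 0x20 or b == 0x7F for b in uri):
        return False, "control character in Request-URI"
    return True, "ok"


# Constructed sample requests (host and stream names are placeholders).
SAMPLES = [
    b"DESCRIBE rtsp://media.example/sample.mov RTSP/1.0\r\nCSeq: 1\r\n\r\n",
    b"DESCRIBE rtsp://media.example/sample%00.mov RTSP/1.0\r\nCSeq: 2\r\n\r\n",
    b"DESCRIBE rtsp://media.example/sample\x00.mov RTSP/1.0\r\nCSeq: 3\r\n\r\n",
    b"DESCRIBE rtsp://media.example/sample%2500.mov RTSP/1.0\r\nCSeq: 4\r\n\r\n",
]

if __name__ == "__main__":
    for req in SAMPLES:
        print(check_request(req), req.split(b"\r\n", 1)[0])
```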
PROVIDED AND/OR DISCOVERED BY:
Discovered by an anonymous person and reported via iDEFENSE.
ORIGINAL ADVISORY:
iDEFENSE:
http://www.idefense.com/application/poi/display?id=159&type=vulnerabilities
http://community.securityteam.us/article.php/20041208103626731