Apple QuickTime/Darwin Streaming Server Multiple Vulnerabilities Advisory (CVE-2003-0050 to 0055)

From the screenshot, the following key vulnerability information can be extracted: Advisory Name: QuickTime/Darwin Streaming Administration Server Multiple Vulnerabilities Release Date: 2003-02-25 Targets: - Darwin Streaming Server 4.1.2 - QuickTime Streaming Server 4.1.1 Supported Platforms: MacOS X, Linux, Solaris, Windows Vulnerabilities Listed: - Remote Command Execution / Privilege Escalation - Arbitrary Directory Listings / Cross Site Scripting (x2) - Physical Path Revelation / Buffer Overflow CVE IDs: - CAN-2003-0050: Arbitrary command execution in QuickTime Streaming Server - CAN-2003-0051: Physical path revelation in QuickTime Streaming Server - CAN-2003-0052: Directory listings in QuickTime Streaming Server - CAN-2003-0053: Login credentials in QuickTime Streaming Server - CAN-2003-0054: Arbitrary command execution when viewing QTSS logs - CAN-2003-0055: Buffer overflow in MP3 Broadcasting application Vendor Response and Fixes: An update for Mac OS X Server has been released by Apple to address these issues. Vendor Status: Vendor has issued a software update. Recommendation: Apply the Apple software update. If that's not feasible, the service should not be accessible over the Internet.

Goal Reached Thanks to every supporter — we hit 100%!

Apple QuickTime/Darwin Streaming Server Multiple Vulnerabilities Advisory (CVE-2003-0050 to 0055)