01642 06 11 11 Arrange Call

Remote Code Execution via Log File in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1

CVE-2003-0054 · HIGH

CVE-2003-0054

Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser.

Learn more about our Cis Benchmark Audit For Server Software.