Hi,
The following issues have been fixed:
CAN-2003-0050 Arbitrary command execution in QuickTime Streaming
Server
CAN-2003-0051 Physical path revelation in QuickTime Streaming
Server
CAN-2003-0052 Directory listings in QuickTime Streaming Server
CAN-2003-0053 Login credentials in QuickTime Streaming Server
CAN-2003-0054 Arbitrary command execution when viewing QTSS logs
CAN-2003-0055 Buffer overflow in MP3 Broadcasting application
..Although some of these issues are not exploitable or are very minor.
A couple of the issues are serious and we highly recommend that you apply
the patch if you're running the QTSS web admin.
For more info:
http://www.securityfocus.com/archive/1/313081/2003-02-24/2003-03-02/0
-Joel Hedden
On Thu, 2003-02-27 at 11:17, Stef van der Ziel wrote:
> Hi folks,
>
> who can tell us what 'security improvements' are added with version
> 4.1.3 of DSS/QTSS?
>
> Best regards,
>
> Stef
>
> --
> Stef van der Ziel - Sr. Streaming Media Specialist
> email@hidden - http://www.xteph.net - 06-21833854
>
> Universal Streaming Hosting Platform: http://www.jet-stream.nl
> CasTel Media Streaming Services: http://streaming.castelmedia.com
> The Dutch Streaming Community: http://www.xteph.net/mainstream
> _______________________________________________
> streaming-server-users mailing list | email@hidden
> Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/streaming-server-users
> Do not post admin requests to the list. They will be ignored.
_______________________________________________
streaming-server-users mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/streaming-server-users
Do not post admin requests to the list. They will be ignored.
