• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
APPLE-SA-2005-07-12 Darwin Streaming Server 5.5.1
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

APPLE-SA-2005-07-12 Darwin Streaming Server 5.5.1

  • Subject: APPLE-SA-2005-07-12 Darwin Streaming Server 5.5.1
  • From: Apple Product Security <email@hidden>
  • Date: Tue, 12 Jul 2005 17:24:52 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2005-07-12 Darwin Streaming Server 5.5.1

The open source Darwin Streaming Server project has been updated to
provide the following security enhancement:

Darwin Streaming Server 5.5.1
Available for:  Microsoft Windows 2000/2003 Server
CVE-ID:  CAN-2005-2195
Impact:  Remote attackers can hang the Web Admin application in
Darwin Streaming Server for Windows 2000/2003 Server
Description:  Darwin Streaming Server is distributed with a web-based
admin application that allows it to be configured through a web
browser.  Version 5.5 of the Windows 2000/2003 Server distribution of
this package is vulnerable to a denial of service attack when
handling certain web requests.  Version 5.5.1 addresses the problem
by adding extra checks before opening files.   Other distributions of
this package, including Mac OS X and Linux, are not vulnerable to the
attack.  Credit to Sowhat of ITS Security Team for reporting this
issue.

Information on Darwin Streaming Server is available at:
http://developer.apple.com/darwin/projects/streaming/

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQEVAwUBQtRdzoHaV5ucd/HdAQJyugf+PpXLWzzoaaRsepjk3S9TlLjrRYRW3PyS
E0PnAUb69zeIS0DtKFAKMyvu2JHckvQUg0pbSQdCpcNihtrwFjq/DyphWWlOYeZ9
Und1Gw+TTDXNJ7OqEL2URj1lSGG2ZCFmy6SlXdiufERLTBsLQc7whoHM+AcscWCk
Hj21ysMkyejkG+mMRN3cHiWngNdNvXigyH0pE8WARYRBxdIB6COo4C14CwO2ukso
hOF0DsoLiArMYAFliWdDSwkvMpQggE9olhdLvYlba+gnobhXroT1dU88G/DQ+Hsk
KmHgWerTYJ9B2uB3dC290LQUWuiInuAP448aW7odfgYEPkFcJAsccQ==
=K8RY
-----END PGP SIGNATURE-----

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




    

  • Prev by Date:
APPLE-SA-2005-07-12 Mac OS X v10.4.2

    • 

  • Next by Date:
APPLE-SA-2005-07-19 AirPort 4.2

    • 

  • Previous by thread:
APPLE-SA-2005-07-12 Mac OS X v10.4.2

    • 

  • Next by thread:
APPLE-SA-2005-07-19 AirPort 4.2

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •