Overview
Apple's QuickTime and Darwin Streaming Server (DSS) package includes a utility called MP3Broadcaster. This utility contains an integer overflow which may be exploited to cause a denial of service.
Description
Apple's QuickTime and Darwin Streaming Server (DSS) is software that provides integrated distribution of various forms of digital content. Such content can be delivered over a network using the Real-Time Transport Protocol (RTP) and the Real-Time Streaming Protocol (RTSP). Streaming media content can include files encoded in QuickTime, MPEG, and MP3 formats.

A utility package called MP3Broadcaster contains an integer overflow vulnerability. Like a buffer overflow, an integer overflow may be exploited to crash the affected software. Under certain circumstances an integer overflow can also allow an attacker to execute arbitrary code, but that does not appear to be possible in this case. The integer overflow in MP3Broadcaster in DSS 4.1.3 is triggered when parsing malformed ID3 tags within crafted MP3 files. Remote attackers can exploit this vulnerability only if they can get a vulnerable server to parse a malicious MP3 file (for example, by uploading one).
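The following is an added illustration of the bug class the note describes, written for this page; it is not MP3Broadcaster's or DSS's code, and the specific arithmetic shown is a hypothetical example of how an ID3 frame-size check can wrap, not a description of the actual defect. It walks the frames of a constructed ID3v2.3 tag (10-byte tag header with a syncsafe size, 10-byte frame headers with a plain big-endian 32-bit size) and compares a bounds check that adds the attacker-controlled frame size to the current offset in 32-bit arithmetic with one that compares against the bytes remaining. Nothing is copied; the walker only records what a real parser would have done.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ID3_HEADER_LEN    10u  /* "ID3" + version(2) + flags(1) + syncsafe size(4) */
#define ID3_FRAME_HDR_LEN 10u  /* frame id(4) + size(4) + flags(2), ID3v2.3 */
#define MAX_FRAMES        64   /* loop cap so a wrapped offset cannot spin forever */

/* What the walker would have done with the tag (hypothetical harness, not DSS). */
struct id3_walk {
    int frames_accepted;    /* frames that passed the bounds check */
    uint64_t bytes_to_copy; /* total frame payload a real parser would memcpy */
    int rejected;           /* 1 if a frame was rejected as malformed */
};

/* ID3v2 tag size: four bytes of 7 bits each, high bit of each byte ignored. */
static uint32_t read_syncsafe32(const uint8_t *p) {
    return ((uint32_t)(p[0] & 0x7f) << 21) | ((uint32_t)(p[1] & 0x7f) << 14) |
           ((uint32_t)(p[2] & 0x7f) << 7)  |  (uint32_t)(p[3] & 0x7f);
}

/* ID3v2.3 frame size: plain big-endian 32-bit, fully attacker-controlled. */
static uint32_t read_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Vulnerable check: offset + header + size is computed in 32 bits, so a huge
 * frame size wraps the sum to a small value and the comparison passes. */
static int frame_fits_vulnerable(uint32_t offset, uint32_t frame_size, uint32_t tag_len) {
    uint32_t end = offset + ID3_FRAME_HDR_LEN + frame_size; /* may wrap */
    return end <= tag_len;
}

/* Hardened check: compare the size against what is left in the tag instead of
 * adding it to the offset; the caller has already verified that the 10-byte
 * frame header fits, so the subtraction cannot underflow. */
static int frame_fits_hardened(uint32_t offset, uint32_t frame_size, uint32_t tag_len) {
    uint32_t remaining = tag_len - (offset + ID3_FRAME_HDR_LEN);
    return frame_size <= remaining;
}

/* Walk the frames of an ID3v2.3 tag at the start of buf. Returns 0 if a tag
 * header was found and walked, -1 if the buffer does not start with one. */
int id3_walk_frames(const uint8_t *buf, size_t buf_len, int hardened, struct id3_walk *out) {
    memset(out, 0, sizeof *out);
    if (buf_len < ID3_HEADER_LEN || memcmp(buf, "ID3", 3) != 0 || buf[3] != 3)
        return -1;
    uint32_t tag_len = read_syncsafe32(buf + 6);      /* body length after header */
    if (tag_len > buf_len - ID3_HEADER_LEN)
        return -1;                                    /* tag claims more than we have */
    if (tag_len < ID3_FRAME_HDR_LEN)
        return 0;                                     /* no room for any frame */
    const uint8_t *body = buf + ID3_HEADER_LEN;
    uint32_t offset = 0;
    /* offset <= tag_len - 10 guarantees the 10-byte frame header is in bounds. */
    for (int n = 0; n < MAX_FRAMES && offset <= tag_len - ID3_FRAME_HDR_LEN; n++) {
        if (body[offset] == 0) break;                 /* zero byte: padding, stop */
        uint32_t frame_size = read_be32(body + offset + 4);
        int fits = hardened ? frame_fits_hardened(offset, frame_size, tag_len)
                            : frame_fits_vulnerable(offset, frame_size, tag_len);
        if (!fits) { out->rejected = 1; break; }
        out->frames_accepted++;
        out->bytes_to_copy += frame_size;             /* a real parser would copy this much */
        offset += ID3_FRAME_HDR_LEN + frame_size;     /* wraps on the vulnerable path */
    }
    return 0;
}

/* Constructed sample (not a real file): ID3v2.3 header, a valid 5-byte TIT2
 * frame, then a COMM frame whose declared size 0xFFFFFFF8 makes
 * 15 + 10 + 0xFFFFFFF8 wrap to 17 in 32-bit arithmetic. */
const uint8_t sample_tag[] = {
    'I','D','3', 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x19,          /* body = 25 bytes */
    'T','I','T','2', 0x00,0x00,0x00,0x05, 0x00,0x00, 0x00,'T','e','s','t',
    'C','O','M','M', 0xFF,0xFF,0xFF,0xF8, 0x00,0x00,
};
const size_t sample_tag_len = sizeof sample_tag;

int main(void) {
    struct id3_walk v, h;
    id3_walk_frames(sample_tag, sample_tag_len, 0, &v);
    id3_walk_frames(sample_tag, sample_tag_len, 1, &h);
    printf("vulnerable: %d frames accepted, would copy %llu bytes\n",
           v.frames_accepted, (unsigned long long)v.bytes_to_copy);
    printf("hardened:   %d frames accepted, rejected=%d\n", h.frames_accepted, h.rejected);
    return 0;
}
```

On the sample tag the vulnerable check accepts the second frame and would hand a copy length of roughly 4 GiB to whatever reads the frame payload, which is the crash the note describes; the hardened check rejects it because zero bytes remain after the frame header. The fix is the subtraction form of the comparison: never add an untrusted length to a position and compare the sum.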
Impact
Exploitation of this vulnerability may lead to a denial of service.
Solution
The CERT/CC is currently unaware of a practical solution to this problem.
As a workaround, ensure that unauthenticated remote broadcasts are disabled.
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | | |
| Temporal | | |
| Environmental | | |
References
Acknowledgements
Sir Mordred reported this vulnerability in several public forums.
This document was written by Jeffrey S. Havrilla.
Other Information
CVE IDs: None
Severity Metric: 4.69
Date Public: 2003-05-22
Date First Published: 2003-12-23
Date Last Updated: 2003-12-23 16:01 UTC
Document Revision: 10