This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.
The remote host contains a multimedia application that has multiple
The version of iTunes on the remote host is prior to version 8.1. It
is, therefore, affected by multiple vulnerabilities :
- A remote attacker can cause a denial of service by
sending a maliciously crafted DAAP message. Note that
this vulnerability only affects iTunes running on a
Windows host. (CVE-2009-0016)
- When subscribing to a podcast, an authentication dialog
may be presented to the user without clarifying the
origin of the authentication request. An attacker could
exploit this flaw in order to steal the user's iTunes
See also :
Upgrade to iTunes 8.1 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false
Family: Peer-To-Peer File Sharing
Nessus Plugin ID: 35914 (itunes_8_1_banner.nasl)
Bugtraq ID: 34094
CVE ID: CVE-2009-0016CVE-2009-0143
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.