This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.
The remote host contains an application that may be affected by
According to its banner, the version of iTunes installed on the remote
host is older than 8.1. Such versions may be affected by multiple
- It may be possible to cause a denial of service by
sending a maliciously crafted DAAP header to the
application. Note that this flaw only affects iTunes
running on a Windows host. (CVE-2009-0016)
- When subscribing to a podcast an authentication dialog
may be presented without clarifying the origin of the
authentication request. An attacker could exploit this
flaw in order to steal the user's iTunes credentials.
See also :
Upgrade to iTunes 8.1 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false