Apple QuickTime/Darwin Streaming Server Multiple Remote Vulnerabilities
High Nessus Plugin ID 11278
SynopsisThe remote server is vulnerable to several flaws.
DescriptionThe remote host is running Apple QuickTime Streaming Server.
There are multiple flaws in this version :
* Remote code execution vulnerability (by default with root privileges)
* 2 Cross-Site Scripting vulnerabilities
* Path Disclosure vulnerability
* Arbitrary Directory listing vulnerability
* Buffer overflow in MP3 broadcasting module
SolutionInstall patches from Apple or disable access to this service.