Update closes security hole in Darwin Streaming Server
Apple has published an update for the Darwin Streaming Server (an open-source package used to distribute multimedia data streams) to fix security holes that could be exploited by attackers to infiltrate affected servers and execute arbitrary code on them.
The bug affects the integrated Streaming Proxy, which gives clients remote access to RTSP data streams. An attacker can use manipulated RTSP packets to trigger a buffer overflow: the function is_command does not validate the length of entries before copying them, so a buffer overflow can occur during a setup request if the trackID field contains more than 32 values.
While iDefense has confirmed that this bug exists in version 5.5.4 of the Darwin Streaming Server, they reported the vulnerability only for a self-compiled version built with default options. According to their advisory, Apple’s binary package was not vulnerable. It is suspected that older versions are also affected. In any case, users are advised to install the current package of the software.
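As an added illustration of the defect class the advisory describes (this is not the Darwin Streaming Server's own code, and the function, struct and field names are assumptions), the following shows a fixed-size field copied without a length check beside the bounded copy a fix would use. The SETUP target form `.../trackID=N` is assumed for the parser.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical limit mirroring the 32-value bound named in the report. */
#define TRACK_ID_MAX 32

/* Constructed stand-in for the proxy's parsed request: only the field of interest. */
struct setup_request {
    char track_id[TRACK_ID_MAX];   /* fixed-size field, no room for longer input */
};

/* Unsafe pattern: copy first, never compare lengths. Input of TRACK_ID_MAX
 * or more characters writes past the end of track_id. Not called below. */
void copy_track_id_unchecked(struct setup_request *req, const char *field)
{
    strcpy(req->track_id, field);   /* no bound on the source length */
}

/* Hardened version: reject anything that does not fit, always terminate. */
static bool copy_track_id_checked(struct setup_request *req, const char *field)
{
    size_t len = strlen(field);
    if (len >= TRACK_ID_MAX) {
        req->track_id[0] = '\0';     /* leave the field empty on rejection */
        return false;                /* caller answers with an error and drops the request */
    }
    memcpy(req->track_id, field, len + 1);   /* len + 1 copies the terminator */
    return true;
}

/* Extract the trackID= parameter from a SETUP target such as
 * "rtsp://host/movie.mov/trackID=3" and store it with the checked copy.
 * Returns false when the field is absent or too long. */
static bool parse_setup_track_id(struct setup_request *req, const char *url)
{
    const char *p = strstr(url, "trackID=");
    if (p == NULL) {
        req->track_id[0] = '\0';
        return false;
    }
    return copy_track_id_checked(req, p + strlen("trackID="));
}
```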
- About the security content of Darwin Streaming Server 5.5.5 Apple notification
- Apple Darwin Streaming Proxy Multiple Vulnerabilities iDefense advisory