quicktime server remote root exploit

From: Michael Scheidell (scheidellat_private)
Date: Wed Feb 26 2003 - 10:11:45 PST

Next message: Michel Arboi: "Re: Send control character in telnet from NASL?"

Previous message: Minderhout, Doug: "RE: Send control character in telnet from NASL?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The following plugin checks for the existence of quicktime/darwin
streaming media server, then checks for the per script that might be
exploitable.

This is currently written as a -cgi-abuses , information only gathering
plugin.

Once I find a client with an old version, I can begin to test the buffer
overflows documented in the @stake advisory.

Plugin attached.

-- 
Michael Scheidell
SECNAP Network Security, LLC
(561) 368-9561 scheidellat_private
http://www.secnap.net/

text/plain attachment: quicktime_admin.nasl

Next message: Michel Arboi: "Re: Send control character in telnet from NASL?"
Previous message: Minderhout, Doug: "RE: Send control character in telnet from NASL?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Feb 26 2003 - 10:12:33 PST