Signature Detail
Short Name |
APP:QT-SERVER:PARSE-XML-CGI-RCE |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Apple Streaming Servers parse_xml.cgi Shell Metacharacter Arbitrary Command Execution |
Release Date |
2011/11/29 |
Update Number |
2038 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Apple Streaming Servers parse_xml.cgi Shell Metacharacter Arbitrary Command Execution
This signature detects attempts to exploit a command injection vulnerability in Apple Streaming Servers. It is due to insufficient validation of user-supplied input. A successful attack can lead to execute arbitrary commands in the context of the application.
Extended Description
A command execution vulnerability has been discovered in the Darwin/QuickTime Streaming Servers. The vulnerability exists due to insufficient sanitization performed on some user-supplied input. An attacker can exploit this vulnerability by submitting a specially crafted string to the parse_xml.cgi application that include malicious shell commands. These commands, when received by the Streaming Administration Servers, will be executed and may be used to compromise a vulnerable system.
Affected Products
- Apple Darwin Streaming Server 4.1.2
- Apple Quicktime Streaming Server 4.1.1
References
- BugTraq: 6954
- CVE: CVE-2003-0050