CVE-2007-0749 - OpenCVE

Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Darwin Streaming Server Mac Os X Server

Configuration 1 [-]

OR	cpe:2.3:a:apple:darwin_streaming_server:4.1.2:::::::*
	cpe:2.3:a:apple:darwin_streaming_server:5.0.1:::::::*
	cpe:2.3:a:apple:darwin_streaming_server:5.5.4:::::::*

Configuration 2 [-]

AND

OR	cpe:2.3:o:apple:mac_os_x_server:10.2.8:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.3:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.3.1:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.3.2:::::::*

cpe:2.3:a:apple:darwin_streaming_server:4.1.3:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://docs.info.apple.com/article.html?artnum=305495
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533
http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html
http://osvdb.org/35976
http://secunia.com/advisories/25193
http://www.securityfocus.com/bid/23918
http://www.securitytracker.com/id?1018047
http://www.vupen.com/english/advisories/2007/1770
https://exchange.xforce.ibmcloud.com/vulnerabilities/34222

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-05-13T22:00:00

Updated: 2024-08-07T12:26:54.488Z

Reserved: 2007-02-05T00:00:00

Link: CVE-2007-0749

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-05-13T22:19:00.000

Modified: 2017-07-29T01:30:22.797

Link: CVE-2007-0749

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-05-10T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2007-1770", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1770"}, {"name": "APPLE-SA-2007-05-10", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html"}, {"name": "23918", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23918"}, {"name": "20070510 Apple Darwin Streaming Proxy Multiple Vulnerabilities", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=305495"}, {"name": "35976", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/35976"}, {"name": "darwin-iscommand-bo(34222)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34222"}, {"name": "1018047", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018047"}, {"name": "25193", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25193"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0749", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2007-1770", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1770"}, {"name": "APPLE-SA-2007-05-10", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html"}, {"name": "23918", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23918"}, {"name": "20070510 Apple Darwin Streaming Proxy Multiple Vulnerabilities", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533"}, {"name": "http://docs.info.apple.com/article.html?artnum=305495", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=305495"}, {"name": "35976", "refsource": "OSVDB", "url": "http://osvdb.org/35976"}, {"name": "darwin-iscommand-bo(34222)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34222"}, {"name": "1018047", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018047"}, {"name": "25193", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25193"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:26:54.488Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2007-1770", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1770"}, {"name": "APPLE-SA-2007-05-10", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html"}, {"name": "23918", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23918"}, {"name": "20070510 Apple Darwin Streaming Proxy Multiple Vulnerabilities", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=305495"}, {"name": "35976", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/35976"}, {"name": "darwin-iscommand-bo(34222)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34222"}, {"name": "1018047", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018047"}, {"name": "25193", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25193"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0749", "datePublished": "2007-05-13T22:00:00", "dateReserved": "2007-02-05T00:00:00", "dateUpdated": "2024-08-07T12:26:54.488Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:darwin_streaming_server:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "3F40D1E1-10B3-4A7C-A945-A8D74F3DCB35", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:darwin_streaming_server:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CCC88BC5-0CA9-4B24-ACBD-14A4762A8252", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:darwin_streaming_server:5.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "6693434C-2244-47F9-94A7-F5D6CE50C245", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "38F17066-C090-4DD7-A1AC-D8FF70D268CE", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*", "matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:apple:darwin_streaming_server:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "74BCDEA0-2F69-4411-98C5-29C3C0533BDE", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basado en pila en la funci\u00f3n is_command en proxy.c en Apple Darwin Streaming Proxy, cuando se utiliza en Darwin Streaming Server anterior a 5.5.5, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un valor (1)cmd largo o (2)server en una respuesta RTSP."}], "id": "CVE-2007-0749", "lastModified": "2017-07-29T01:30:22.797", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-05-13T22:19:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://docs.info.apple.com/article.html?artnum=305495"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/35976"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25193"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/23918"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018047"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/1770"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34222"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}