var-200303-0098
Vulnerability from variot
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation directory via a NULL file parameter. Under some circumstances, it may be possible to reveal the physical path that the vulnerable server is installed to. Access to this information may aid in launching more organized attacks against system resources. This vulnerability was originally described in BID 6932 "Multiple Remote QuickTime/Darwin Streaming Administration Server Vulnerabilities". It is now being assigned a separate BID. By default, the affected administration services listen on port 1220/TCP with root user privileges. If an attacker passes NULL as the file name parameter and submits it to the parse_xml.cgi script, the script will return information including the physical path where the service program is installed, and the attacker can use this information to further attack the system. The NVD record below scores the issue as an unauthenticated, network-reachable disclosure with partial confidentiality impact and no integrity or availability impact (CVSS v2 5.0, AV:N/AC:L/Au:N/C:P/I:N/A:N).
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200303-0098", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "darwin streaming server", "scope": "eq", "trust": 1.9, "vendor": "apple", "version": "4.1.2" }, { "model": "quicktime streaming server", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "4.1.1" } ], "sources": [ { "db": "BID", "id": "6956" }, { 
"db": "CNNVD", "id": "CNNVD-200303-036" }, { "db": "NVD", "id": "CVE-2003-0051" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Dave G.\u203b daveg@atstake.com\u203bOllie Whitehouse\u203b ollie@atstake.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200303-036" } ], "trust": 0.6 }, "cve": "CVE-2003-0051", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2003-0051", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-6881", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2003-0051", 
"trust": 1.0, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-200303-036", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-6881", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-6881" }, { "db": "CNNVD", "id": "CNNVD-200303-036" }, { "db": "NVD", "id": "CVE-2003-0051" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server\u0027s installation path via a NULL file parameter. Under some circumstances, it may be possible to reveal the physical path that the vulnerable server is installed too. Access to this information may aid in launching more organized attacks against system resources. \nThis vulnerability was originally described in BID 6932 \"Multiple Remote\nQuickTime/Darwin Streaming Administration Server Vulnerabilities\". It is\nnow being assigned a separate BID. By default, these services listen on port 1220/TCP with root user privileges. 
If an attacker passes NULL as the file name parameter and submits it to the parse_xml.cgi script, the script will return information including the physical path where the service program is installed, and the attacker can use this information to further attack the system", "sources": [ { "db": "NVD", "id": "CVE-2003-0051" }, { "db": "BID", "id": "6956" }, { "db": "VULHUB", "id": "VHN-6881" } ], "trust": 1.26 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "BID", "id": "6956", "trust": 2.0 }, { "db": "NVD", "id": "CVE-2003-0051", "trust": 2.0 }, { "db": "BUGTRAQ", "id": "20030224 QUICKTIME/DARWIN STREAMING ADMINISTRATION SERVER MULTIPLE VULNERABILITIES", "trust": 0.6 }, { "db": "XF", "id": "11402", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200303-036", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-6881", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-6881" }, { "db": "BID", "id": "6956" }, { "db": "CNNVD", "id": "CNNVD-200303-036" }, { "db": "NVD", "id": "CVE-2003-0051" } ] }, "id": "VAR-200303-0098", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-6881" } ], "trust": 0.01 }, "last_update_date": "2024-11-22T20:18:11.894000Z", "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2003-0051" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": 
{ "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "http://www.securityfocus.com/bid/6956" }, { "trust": 2.7, "url": "http://lists.apple.com/archives/security-announce/2003/feb/25/applesa20030225macosx102.txt" }, { "trust": 2.7, "url": "http://www.iss.net/security_center/static/11402.php" }, { "trust": 2.1, "url": "http://marc.info/?l=bugtraq\u0026m=104618904330226\u0026w=2" }, { "trust": 0.6, "url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104618904330226\u0026w=2" }, { "trust": 0.3, "url": "http://www.info.apple.com/usen/security/security_updates.html" }, { "trust": 0.1, "url": "" } ], "sources": [ { "db": "VULHUB", "id": "VHN-6881" }, { "db": "BID", "id": "6956" }, { "db": "CNNVD", "id": "CNNVD-200303-036" }, { "db": "NVD", "id": "CVE-2003-0051" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-6881" }, { "db": "BID", "id": "6956" }, { "db": "CNNVD", "id": "CNNVD-200303-036" }, { "db": "NVD", "id": "CVE-2003-0051" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2003-03-07T00:00:00", "db": "VULHUB", "id": "VHN-6881" }, { "date": "2003-02-24T00:00:00", "db": "BID", "id": "6956" }, { "date": "2003-02-24T00:00:00", "db": "CNNVD", "id": "CNNVD-200303-036" }, { "date": "2003-03-07T05:00:00", "db": "NVD", "id": "CVE-2003-0051" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-10-18T00:00:00", "db": "VULHUB", "id": "VHN-6881" }, { "date": "2009-07-11T20:06:00", "db": "BID", "id": "6956" }, { "date": "2005-05-13T00:00:00", "db": "CNNVD", "id": "CNNVD-200303-036" }, { "date": "2024-11-20T23:43:49.827000", "db": "NVD", "id": "CVE-2003-0051" } 
] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200303-036" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apple Quicktime/Darwin Streaming server parse_xml.cgi Remote path leak vulnerability", "sources": [ { "db": "CNNVD", "id": "CNNVD-200303-036" } ], "trust": 0.6 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation", "sources": [ { "db": "CNNVD", "id": "CNNVD-200303-036" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.