Apple announced Darwin Streaming Server 5.5.5, an update to the open source version of Apple’s QuickTime Streaming Server. This update addresses two security issues: CVE-2007-0748 and CVE-2007-0749. Both security updates add additional validation of RTSP requests to prevent buffer overflows from crashing the application or permiting arbitrary code execution. More detailed information about the security update and Darwin Streaming Server can be found on Apple’s web site.
This is the first time I’ve heard of this software. If you are using it, please leave a comment.
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!