Vulnerabilities > CVE-2003-0426 - Remote Security vulnerability in Apple Darwin Streaming Server 4.1.3

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

apple

critical

NVD

Published: 2003-08-27

Updated: 2008-09-05

Summary

The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator.

Vulnerable Configurations

Part	Description	Count
Application	Apple Apple Darwin Streaming Server 4.1.3	1

References

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0040.html
http://www.rapid7.com/advisories/R7-0015.html