Two flaws in Apple's Darwin Streaming Server have been fixed. Both flaws, if compromised, could allow arbitrary code execution, making them particularly dangerous. Of course, to be vulnerable at all a machine would have to be using DSS to serve content. However, they can be exploited remotely - local access to the server isn't required. With DSS 5.5.5, both of the holes are plugged, and Apple hasn't revealed any information on whether or not these were successfully exploited in the wild. Darwin Streaming Server is an open-source branch of QuickTime Streaming server, though it isn't clear if the flaws are as a result of common code or are independent to DSS.
Apple addresses two flaws in DSS
By Justin Mann
Serving tech enthusiasts for over 25 years.
TechSpot means tech analysis and advice you can trust.
TechSpot means tech analysis and advice you can trust.
0 comments
12 likes and shares