Re: Buffer-overflow in Quicktime Player 7.3.1.70

看板Bugtraq作者時間18年前 (2008/01/15 04:50), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串8/8 (看更多)
--Apple-Mail-25-679702319 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit On Jan 11, 2008, at 10:14 PM, Luigi Auriemma wrote: > Now talking about you, Marcello, the problem you had is just with "your" > same computer/network, probably you have a firewall or something else (a > "condition" as you define it) that simply makes your ports to appear > filtered/timedout and so Quicktime gives up. Yeah, you are right. Protocol switching was disabled in my Quicktime preferences. Sorry about that.. I should have checked before writing inaccurate statements here. By the way, even with "Transport setup" -> "Automatic", the software doesn't crash nor loops after reading the HTTP payload, but I really don't know why.. It merely sits there, saying "Swiching transports". Attached a full pcap dump of the session and QuickTime.app's version plist. Have fun! :) Marcello --Apple-Mail-25-679702319 Content-Disposition: attachment; filename=version.plist Content-Type: application/octet-stream; x-unix-mode=0644; name="version.plist" Content-Transfer-Encoding: 7bit <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "" rel="nofollow">http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>BuildVersion</key> <string>7</string> <key>CFBundleShortVersionString</key> <string>7.3.1</string> <key>CFBundleVersion</key> <string>7.3.1</string> <key>ProductBuildVersion</key> <string>731A54a</string> <key>ProjectName</key> <string>QuickTime</string> <key>SourceVersion</key> <string>6400000</string> </dict> </plist> --Apple-Mail-25-679702319 Content-Disposition: attachment; filename=dump.pcap.gz Content-Type: application/x-gzip; x-unix-mode=0644; name="dump.pcap.gz" Content-Transfer-Encoding: base64 H4sICCYviUcCA2R1bXAucGNhcAC7cnjTQiYGFgYY+P8fQvPrd7pnTmRkcAGyQZgJiF0ZGBxsmxwY HNgYGOoZGBhB+MAuJq01ulM4QXo2MP3//88EqJbF/gYjMzMzIyMHl/zfWaYgORYmiJmNQDN1gHwd hJka1T2oZjJpHdgF0gM0lytAhIHhnwxEL9srTPfsfoHmnr3S86zzp60n1j3SrzDdk7MS1UzpeQf2 gvQAzd2A7J61rkwY7inYheaeAwwBJjcOMhLrnm9YzLxxFtVMhoADB7IkdHOA5jJtEMJuJgjDzGRx Y2KwAJplgTDTZMFSrO5kApqb2yAANFMDKIhkFsgcISzmOG/C6rZckFm4zGlwB5oDTHIgDDGHxWTn EjzmSPz/z6SJao5HSEiAvqGeoYKJgYkC4ygYBaNgJAFQOTLVHbM8yv2Mq1wzxFmuvcRSHgmtw1Ye GeIsj0ZjZHADx1Ew0kAEENDNMlA58gNLeTT7Fq7yyBRneSTrgVkePZiOrTwyxVkeDdlYGy2qRsEo oEr7SNsDszyaeQFXeWSJszwKBZoTCNQfiDDHt/41tvLIEl4e/XMk2D6qqOTl4uUCWZCCxaEinTgd 2obLoW1YzGk8itWhbWCHCmI3ZyoWc1oW4XRPOy73MBZimrNyMx5zcLjHHYs5go1Y/dUONIsZm3sA yaikNOkRAAA= --Apple-Mail-25-679702319 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit -- pub 1024D/8D2787EF 723C 7CA3 3C19 2ACE 6E20 9CC1 9956 EB3C 8D27 87EF --Apple-Mail-25-679702319--
更多 vjt. 的文章
文章代碼(AID): #17YyiA00 (Bugtraq)
討論串 (同標題文章)
完整討論串 (本文為第 8 之 8 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共8篇)
更多 vjt. 的文章
文章代碼(AID): #17YyiA00 (Bugtraq)