Full Disclosure mailing list archives
Re: R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server
From: Valdis.Kletnieks () vt edu
Date: Tue, 22 Jul 2003 23:49:04 -0400
On Tue, 22 Jul 2003 19:36:09 PDT, security snot said:
How are denial of service attacks against a media server security issues?
If somebody can send you a packet that takes out your server, and then do it again 5 mins later when the server reboots, lather, rinse, repeat, it's a security issue. If somebody can send you a low-bandwidth stream of packets that make your server work WAY too hard, so that the expensive server that's supposed to be handling 500 simultaneous clients is dropping users at 75, it's a security issue. If you don't believe it now, wait till you're the sysadmin of the server that's being attacked, and you tell the VP that you're dead in the water because some script kiddie is packeting you. And after the VP finishes with you, you'll either be a believer or unemployed. ;)
Attachment:
_bin
Description:
Current thread:
- R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server advisory (Jul 22)
- Re: R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server security snot (Jul 22)
- Re: R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server Jim Duncan (Jul 22)
- Re: R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server Valdis . Kletnieks (Jul 22)
- Re: R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server northern snowfall (Jul 22)
- Re: R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server security snot (Jul 22)