[Live-devel] DoS in Media Server
Ross Finlayson
finlayson at live555.com
Thu Jul 17 21:18:42 PDT 2014
Yann,
Many thanks for the report. Yes, the RTSP server code was not properly handling the case when more than one "SETUP" command - from the same client - was performed on the same track. (The particular crash that you noted happened only when streaming a MPEG Program Stream file, but the bug was potentially applicable to any kind of stream.)
I have now installed a new version (2014.07.18) of the "LIVE555 Streaming Media" software to fix this bug, and have also installed new versions of the pre-built "LIVE555 Media Server" application binaries.
Ross Finlayson
Live Networks, Inc.
http://www.live555.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.live555.com/pipermail/live-devel/attachments/20140717/36f9a0ed/attachment.html>
More information about the live-devel
mailing list