Rapid7 Vulnerability & Exploit Database

QuickTime Streaming Server Initial Password Setup Page

Back to Search

QuickTime Streaming Server Initial Password Setup Page

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
08/27/2003
Created
07/25/2018
Added
11/01/2004
Modified
07/31/2012

Description

When QuickTime Streaming Server is first installed, the HTTP-based administration server loads to a default setup page where you can create the administrator accound and set the password. If the administrator neglects to set this up, any remote user can connect, set the password, and log in to and configure the QuickTime Streaming Server.

Solution(s)

  • http-qtss-initial-setup

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;