Helix Servers View Source Plug-in RTSP Parser Overflow

This script is Copyright (C) 2003-2013 Montgomery County Maryland Government Security Team


Synopsis :

The remote media streaming server is susceptible to buffer overflow
attacks.

Description :

The remote host is running RealServer or Helix Universal Server, media
streaming servers.

According to its banner, the version of the server installed on the
remote host may be affected by a buffer overflow vulnerability when
handling URLs with many '/' characters and another when handling
unspecified RTSP methods. Using a specially crafted request, an
attacker may be able to leverage either of these issues to execute
arbitrary code subject to the privileges of the user under which the
server operates, generally root or Administrator.

See also :

http://service.real.com/help/faq/security/bufferoverrun030303.html
http://www.nessus.org/u?d552d421
http://www.service.real.com/help/faq/security/rootexploit082203.html
http://www.service.real.com/help/faq/security/rootexploit091103.html

Solution :

Install the Helix Universal Server 9.01 Security Update or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.0
(CVSS2#E:F/RL:W/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 11642 (helix_overflow.nasl)

Bugtraq ID: 8476

CVE ID: CVE-2003-0725