This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.
The remote RTSP server suffers from multiple overflow issues.
The remote host is running Fenice, an open source media streaming
server for Linux / Unix.
The version of Fenice installed on the remote host is affected by an
integer overflow vulnerability involving requests with large values
for the 'Content-Length' header and by a buffer overflow vulnerability
in its 'parse_url' function. An unauthenticated, remote attacker can
exploit either flaw using a simple GET request to crash the affected
application and possibly to execute arbitrary code subject to the
privileges of the user id under which Fenice runs.
See also :
Upgrade to Fenice version 1.11 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 21610 (fenice_110.nasl)
Bugtraq ID: 17678
CVE ID: CVE-2006-2022CVE-2006-2023
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.