Adobe Flash Media Server < 2.0.5 Multiple Remote Vulnerabilities

This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.

Synopsis :

The remote Flash media server is affected by multiple vulnerabilities.

Description :

The remote host is running Adobe's Flash Media Server, an application
server for Flash-based applications.

The Edge server component included with the version of Flash Media
Server installed on the remote host contains several integer overflow
and memory corruption errors that can be triggered when parsing
specially crafted Real Time Message Protocol (RTMP) packets. An
unauthenticated, remote attacker can leverage these issues to crash the
affected service or execute arbitrary code with SYSTEM-level
privileges (under Windows), potentially resulting in a complete
compromise of the affected host.

See also :

Solution :

Upgrade to Flash Media Server 2.0.5 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false

Family: Gain a shell remotely

Nessus Plugin ID: 31096 (adobe_fms_2_0_5.nasl)

Bugtraq ID: 27762

CVE ID: CVE-2007-6431

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial