Helix Server < 11.1.4 RTSP Command Multiple Requires Overflow

Nessus Network Monitor Plugin ID 4192 (Severity: High)

Synopsis

The remote RTSP server is prone to a buffer overflow.

Description

The remote host is running Helix Server or Helix DNA Server, a media streaming server. The version of Helix Server installed on the remote host reportedly contains a heap overflow that is triggered by an RTSP request containing multiple 'Require' headers. An unauthenticated remote attacker can leverage this flaw to execute arbitrary code with the privileges under which the server runs, which by default is LOCAL SYSTEM on Windows.

Solution

Upgrade to Helix Server / Helix DNA Server version 11.1.4 or later.

See Also

http://www.nessus.org/u?dabedd30

http://archives.neohapsis.com/archives/fulldisclosure/2007-08/0432.html

Plugin Details

Severity: High

ID: 4192

Family: Generic

Published: 8/26/2007

Updated: 3/6/2019

Nessus ID: 25950

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:realnetworks:helix_dna_server

Reference Information

CVE: CVE-2007-4561

BID: 25440