Helix Servers View Source Plug-in RTSP Parser Overflow

This script is Copyright (C) 2003-2017 Montgomery County Maryland Government Security Team

Synopsis :

The remote media streaming server is susceptible to buffer overflow

Description :

The remote host is running RealServer or Helix Universal Server, media
streaming servers.

According to its banner, the version of the server installed on the
remote host may be affected by a buffer overflow vulnerability when
handling URLs with many '/' characters and another when handling
unspecified RTSP methods. Using a specially crafted request, an
attacker may be able to leverage either of these issues to execute
arbitrary code subject to the privileges of the user under which the
server operates, generally root or Administrator.

See also :


Solution :

Install the Helix Universal Server 9.01 Security Update or later.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 9.0
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 11642 (helix_overflow.nasl)

Bugtraq ID: 8476

CVE ID: CVE-2003-0725

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now