Adobe Flash Media Server < 2.0.5 Multiple Remote Vulnerabilities

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.

Synopsis :

The remote Flash media server is affected by multiple vulnerabilities.

Description :

The remote host is running Adobe's Flash Media Server, an application
server for Flash-based applications.

The Edge server component included with the version of Flash Media
Server installed on the remote host contains several integer overflow
and memory corruption errors that can be triggered when parsing
specially crafted Real Time Message Protocol (RTMP) packets. An
unauthenticated, remote attacker can leverage these issues to crash the
affected service or execute arbitrary code with SYSTEM-level
privileges (under Windows), potentially resulting in a complete
compromise of the affected host.

See also :

Solution :

Upgrade to Flash Media Server 2.0.5 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false

Family: Gain a shell remotely

Nessus Plugin ID: 31096 (adobe_fms_2_0_5.nasl)

Bugtraq ID: 27762

CVE ID: CVE-2007-6431

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now