Helix Servers View Source Plug-in RTSP Parser Overflow

Critical Nessus Plugin ID 11642


The remote media streaming server is susceptible to buffer overflow attacks.


The remote host is running RealServer or Helix Universal Server, media streaming servers.

According to its banner, the version of the server installed on the remote host may be affected by a buffer overflow vulnerability when handling URLs with many '/' characters and another when handling unspecified RTSP methods. Using a specially crafted request, an attacker may be able to leverage either of these issues to execute arbitrary code subject to the privileges of the user under which the server operates, generally root or Administrator.


Install the Helix Universal Server 9.01 Security Update or later.

See Also





Plugin Details

Severity: Critical

ID: 11642

File Name: helix_overflow.nasl

Version: $Revision: 1.19 $

Type: remote

Published: 2003/05/21

Modified: 2017/06/28

Dependencies: 10762

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 9

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:W/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2003/08/22

Exploitable With


Reference Information

CVE: CVE-2003-0725

BID: 8476

OSVDB: 11772