Macromedia Flash Media Server Administration Service Crafted Packet Remote DoS

High Nessus Plugin ID 20302

Synopsis

The remote service is prone to a remote denial of service attack.

Description

The remote host appears to be using Flash Media Server.

The version of Flash Media Server installed on the remote host is affected by a flaw in its administration server that causes it to crash if it receives a single character. The administration server is used to remotely administer Flash Media Server, and this flaw can be used by an attacker to disable access to this service.

Solution

Limit access to this port to trusted users.

Plugin Details

Severity: High

ID: 20302

File Name: flash_mediaserver_admin_dos.nasl

Version: $Revision: 1.19 $

Type: remote

Published: 2005/12/14

Modified: 2011/03/14

Dependencies: 10107

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.8

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:H/RL:W/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2005/12/07

Reference Information

CVE: CVE-2005-4216

BID: 15822