Helix Server < 18.104.22.1687 DESCRIBE Request LoadTestPassword Field Overflow
High Nessus Network Monitor Plugin ID 3953
SynopsisThe remote host is vulnerable to a heap overflow.
DescriptionThe remote host is running the Helix RealServer streaming media server. This version of Helix is vulnerable to a flaw in the way that it processes the 'LoadTestPassword' field of a 'DESCRIBE' request. An attacker exploiting this flaw would only need to be able to send malformed requests to the Helix Server. Successful exploitation would result in the attacker executing arbitrary code
SolutionUpgrade to version 22.214.171.1247 or higher.