Helix Server < 11.1.4 RTSP Command Multiple Requires Overflow

High Nessus Network Monitor Plugin ID 4192

Synopsis

The remote RTSP server is prone to a buffer overflow.

Description

The remote host is running Helix Server or Helix DNA Server, a media streaming server. The version of the Helix server installed on the remote host reportedly contains a heap overflow that is triggered by an RTSP command carrying multiple 'Require' headers. An unauthenticated remote attacker can leverage this flaw to execute arbitrary code with the privileges of the server process, which by default is LOCAL SYSTEM on Windows.
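The passive check this plugin performs amounts to spotting RTSP requests that repeat the 'Require' header. The following is an added example, not the plugin's own code, of a minimal RTSP header parser that counts 'Require' headers (case-insensitively, with folded continuation lines handled) so a monitor can flag such requests; the sample requests and the hostname media.example are constructed.

```python
from typing import List, Tuple


def parse_rtsp_request(raw: bytes) -> Tuple[str, List[Tuple[str, str]]]:
    """Split an RTSP request into its request line and (name, value) headers.

    RTSP (RFC 2326) uses HTTP-style framing: CRLF-terminated lines and a
    blank line ending the header block. Header names are case-insensitive,
    so they are lower-cased here; a line beginning with whitespace is a
    folded continuation of the previous header's value.
    """
    head = raw.split(b"\r\n\r\n", 1)[0]
    lines = head.decode("latin-1").split("\r\n")
    request_line = lines[0]
    headers: List[Tuple[str, str]] = []
    for line in lines[1:]:
        if not line.strip():
            continue
        if line[0] in " \t" and headers:
            name, value = headers[-1]
            headers[-1] = (name, value + " " + line.strip())
            continue
        if ":" not in line:
            raise ValueError(f"malformed header line: {line!r}")
        name, value = line.split(":", 1)
        headers.append((name.strip().lower(), value.strip()))
    return request_line, headers


def count_require_headers(raw: bytes) -> int:
    """Number of 'Require' headers in the request, whatever their casing."""
    _, headers = parse_rtsp_request(raw)
    return sum(1 for name, _ in headers if name == "require")


def is_suspicious(raw: bytes, max_require: int = 1) -> bool:
    """True if the request repeats 'Require' more than a normal client would.

    max_require is a tunable threshold (assumption), since legitimate clients
    typically send at most one such header per request.
    """
    return count_require_headers(raw) > max_require


# Constructed sample traffic so the block runs stand-alone.
BENIGN = (b"OPTIONS rtsp://media.example/stream RTSP/1.0\r\n"
          b"CSeq: 1\r\nRequire: implicit-play\r\n\r\n")
FLAGGED = (b"DESCRIBE rtsp://media.example/stream RTSP/1.0\r\n"
           b"CSeq: 2\r\nrequire: a\r\nREQUIRE: b\r\n c-folded\r\n"
           b"Require: d\r\n\r\n")

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("flagged", FLAGGED)):
        print(label, count_require_headers(req), is_suspicious(req))
```

The same counting logic can be run over reassembled TCP streams on port 554 to raise an alert before the request reaches an unpatched server.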

Solution

Upgrade to Helix Server / Helix DNA Server version 11.1.4 or higher.

See Also

http://www.nessus.org/u?dabedd30

http://archives.neohapsis.com/archives/fulldisclosure/2007-08/0432.html

Plugin Details

Severity: High

ID: 4192

File Name: 4192.prm

Family: Generic

Published: 2007/08/26

Modified: 2016/01/15

Nessus ID: 25950

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.8

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Reference Information

CVE: CVE-2007-4561

BID: 25440

OSVDB: 39903