RealNetworks Helix Servers DESCRIBE Request LoadTestPassword Field Remote Overflow

Severity: Critical. Nessus Plugin ID: 24876

Synopsis

The remote RTSP server suffers from a buffer overflow vulnerability.

Description

The remote host is running Helix DNA Server or Helix Server, a media streaming server.

The version of the Helix server installed on the remote host contains a heap overflow involving an invalid 'LoadTestPassword' field. An unauthenticated, remote attacker can leverage this flaw with a simple 'DESCRIBE' request to crash the affected application and possibly execute arbitrary code with the privileges of the user ID under which the server runs, which by default on Windows is LOCAL SYSTEM.

Solution

Upgrade to Helix Server / Helix DNA Server version 11.1.3 or later.

See Also

http://www.nessus.org/u?6449002c

https://www.securityfocus.com/archive/1/463333/30/0/threaded

http://www.nessus.org/u?27db559a

http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf

Plugin Details

Severity: Critical

ID: 24876

File Name: helix_loadtestpassword_overflow.nasl

Version: 1.18

Type: remote

Published: 3/23/2007

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 5/2/2006

Reference Information

CVE: CVE-2006-6026

BID: 21141, 23068