| VID |
23070 |
| Severity |
30 |
| Port |
554 |
| Protocol |
TCP |
| Class |
RTSP |
| Detailed Description |
The RealNetworks Helix Universal Server, according to its version number, is vulnerable to a denial of service attack.
RealNetworks' Helix Universal Server is a streaming audio server that supports all major media file formats. Helix Universal Server version 9.0.2 for Linux and version 9.0.1 for Windows are vulnerable to a denial of service attack. The problem exists in the handling of specially crafted GET requests. Successful exploitation of this vulnerability could allow a remote attacker to cause a null pointer dereference and cause the server to crash.
* Note: This check solely relied on the version number of the remote Helix Universal Server to assess this vulnerability, so this might be a false positive.
* References:
http://archives.neohapsis.com/archives/bugtraq/2004-04/0160.html
http://www.idefense.com/application/poi/display?id=102&type=vulnerabilities
* Platforms Affected:
RealNetworks, Inc., Helix Universal Server 9.0.1 for Windows
RealNetworks, Inc., Helix Universal Server 9.0.2 for Linux
Linux Any version
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of Helix Universal Server (9.0.3 or later), available from the RealNetworks Customer Support Web site at http://www.expressresponse.com/cgi-bin/real_sts/showFaq.cgi?producttype=helix |
| Related URL |
CVE-2004-0389 (CVE) |
| Related URL |
10157 (SecurityFocus) |
| Related URL |
15880 (ISS) |
|
