RTSP: Empty Setup String

This signature detects attempts to exploit a known vulnerability against Real Media stream server. A successful attack can result in a denial-of-service condition.

Extended Description

RealNetworks Helix Server is prone to a remote denial-of-service vulnerability because it fails to properly handle invalid requests. Exploiting this issue allows remote attackers to cause the server to crash, effectively denying service to legitimate users. These issues affect versions prior to Helix Server and Helix Mobile Server 13.0.0.

Affected Products

Real_networks helix_mobile_server

References

BugTraq: 35732

CVE: CVE-2009-2534

Short Name
RTSP:SETUP-EMPTY
Severity
Minor
Recommended
False
Recommended Action
None
Category
RTSP
Keywords
CVE-2009-2534 Empty Setup String bid:35732
Release Date
08/06/2009
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3730
False Positive
Unknown
Vendors

Real_networks

CVSS Score

5.0

Found a potential security threat?