Vulnerabilities > CVE-2004-0389 - NULL Pointer Dereference vulnerability in Realnetworks Helix Universal Server 9.0.1/9.0.2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
realnetworks
CWE-476
nessus
exploit available

Summary

RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests.

Vulnerable Configurations

Part Description Count
Application
Realnetworks
2

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionReal Networks Helix Universal Server 9.0.x Denial of Service Vulnerability. CVE-2004-0389. Dos exploit for windows platform
idEDB-ID:24010
last seen2016-02-02
modified2004-04-15
published2004-04-15
reporteranonymous
sourcehttps://www.exploit-db.com/download/24010/
titleReal Networks Helix Universal Server 9.0.x - Denial of Service Vulnerability

Nessus

NASL familyDenial of Service
NASL idHELIX_DOS.NASL
descriptionThe remote host is running a version of RealServer that is vulnerable to a remote Denial of Service attack/ The issue is caused when a malformed GET_PARAMETER or DESCRIBE request is sent to the server.
last seen2020-06-01
modified2020-06-02
plugin id12210
published2004-04-15
reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/12210
titleHelix RealServer HTTP GET Request DoS