Vulnerabilities > CVE-2004-0389 - NULL Pointer Dereference vulnerability in Realnetworks Helix Universal Server 9.0.1/9.0.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Real Networks Helix Universal Server 9.0.x Denial of Service Vulnerability. CVE-2004-0389. Dos exploit for windows platform |
| id | EDB-ID:24010 |
| last seen | 2016-02-02 |
| modified | 2004-04-15 |
| published | 2004-04-15 |
| reporter | anonymous |
| source | https://www.exploit-db.com/download/24010/ |
| title | Real Networks Helix Universal Server 9.0.x - Denial of Service Vulnerability |
Nessus
| NASL family | Denial of Service |
| NASL id | HELIX_DOS.NASL |
| description | The remote host is running a version of RealServer that is vulnerable to a remote Denial of Service attack/ The issue is caused when a malformed GET_PARAMETER or DESCRIBE request is sent to the server. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 12210 |
| published | 2004-04-15 |
| reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/12210 |
| title | Helix RealServer HTTP GET Request DoS |