Vulnerabilities > CVE-2009-1365 - RPC Call Privilege Escalation vulnerability in Adobe Flash Media Server

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

adobe

nessus

NVD

Published: 2009-05-01

Updated: 2009-05-19

Summary

Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.4 and 3.5.x before 3.5.2, as used in Flash Media Interactive Server and Flash Media Streaming Server, allows remote attackers to execute arbitrary remote procedures within an ActionScript file on the server via RPC requests.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Flash Media Server 2.0.1 Adobe Flash Media Server 2.0.2 Adobe Flash Media Server 2.0.3 Adobe Flash Media Server 2.0.4 Adobe Flash Media Server 2.0.5 Adobe Flash Media Server 3.0 Adobe Flash Media Server 3.0.1 Adobe Flash Media Server 3.0.2 Adobe Flash Media Server 3.0.3 Adobe Flash Media Server 3.5 Adobe Flash Media Server 3.5.1	11

Nessus

NASL family	Misc.
NASL id	ADOBE_FMS_RPC.NASL
description	The remote host is running Adobe Flash Media Server, an application server for Flash-based applications. The version running on the remote host has an unspecified RPC vulnerability. This can reportedly be exploited to execute remote procedures within an server-side ActionScript file running on the server.
last seen	2020-06-01
modified	2020-06-02
plugin id	38700
published	2009-05-07
reporter	This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/38700
title	Adobe Flash Media Server RPC Privilege Escalation (APSB09-05)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(38700); script_version("1.14"); script_cvs_date("Date: 2018/11/15 20:50:23"); script_cve_id("CVE-2009-1365"); script_bugtraq_id(34790); script_xref(name:"Secunia", value:"34878"); script_name(english:"Adobe Flash Media Server RPC Privilege Escalation (APSB09-05)"); script_summary(english:"Checks the version number"); script_set_attribute( attribute:"synopsis", value:"The remote media server has a privilege escalation vulnerability." ); script_set_attribute(attribute:"description", value: "The remote host is running Adobe Flash Media Server, an application server for Flash-based applications. The version running on the remote host has an unspecified RPC vulnerability. This can reportedly be exploited to execute remote procedures within an server-side ActionScript file running on the server." ); script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb09-05.html" ); script_set_attribute( attribute:"solution", value:"Upgrade to Flash Media Server 3.5.2 / 3.0.4 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_publication_date", value: "2009/05/07"); script_set_attribute(attribute:"patch_publication_date", value: "2009/04/30"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:flash_media_server"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_copyright(english:"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc."); script_dependencies("adobe_fms_detect.nasl"); script_require_ports("Services/rtmp", 1935, 19350); script_require_keys("rtmp/adobe_fms"); exit(0); } include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_kb_item_or_exit("Services/rtmp"); version = get_kb_item_or_exit("rtmp/" + port + "/adobe_fms/version"); source = get_kb_item_or_exit("rtmp/" + port + "/adobe_fms/version_source"); ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); if ( ver[0] < 3 \|\| (ver[0] == 3 && ver[1] == 0 && ver[2] < 4) \|\| (ver[0] == 3 && ver[1] > 0 && (ver[1] < 5 \|\| (ver[1] == 5 && ver[2] < 2))) ) { if (report_verbosity) { report = '\n' + 'Version source : ' + source + '\n' + 'Installed version : ' + version + '\n' + 'Fixed version : 3.0.4 / 3.5.2\n'; security_hole(port:port, extra:report); } else security_hole(port); } else exit(0, "The Adobe Flash Media Server version "+version+" on port "+port+" is not affected.");

Seebug

bulletinFamily	exploit
description	Bugraq ID: 34790 CVE ID：CVE-2009-1365 CNCVE ID：CNCVE-20091365 Adobe Flash Media Server是一款流视频和实时通信领域的解决方案，可提供网上视频直播服务。 Adobe Flash Media Server存在一个未明安全问题，远程攻击者可以利用漏洞以应用程序权限执行任意指令。目前没有详细漏洞细节提供。 Adobe Flash Media Streaming Server 3.5.1 Adobe Flash Media Server 3.5.1 Adobe Flash Media Server 3.0.3 Adobe Flash Media Server 2.0.5 Adobe Flash Media Server 2.0.4 Adobe Flash Media Server 2.0.3 Adobe Flash Media Server 2.0.2 Adobe Flash Media Server 2.0.1 Adobe Flash Media Server 2.0 Adobe Flash Media Server 3.0 Adobe Flash Media Interactive Server 3.5.1 升级程序： Adobe Flash Media Streaming Server 3.5.1 Adobe FlashMediaServer3.5.exe <a href=http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Wind target=_blank rel=external nofollow>http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Wind</a> ows/FlashMediaServer3.5.exe Adobe FlashMediaServer3.5.tar.gz <a href=http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Linu target=_blank rel=external nofollow>http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Linu</a> x/FlashMediaServer3.5.tar.gz Adobe Flash Media Interactive Server 3.5.1 Adobe FlashMediaServer3.5.exe <a href=http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Wind target=_blank rel=external nofollow>http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Wind</a> ows/FlashMediaServer3.5.exe Adobe FlashMediaServer3.5.tar.gz <a href=http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Linu target=_blank rel=external nofollow>http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Linu</a> x/FlashMediaServer3.5.tar.gz Adobe Flash Media Server 3.5.1 Adobe FlashMediaServer3.5.exe <a href=http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Wind target=_blank rel=external nofollow>http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Wind</a> ows/FlashMediaServer3.5.exe Adobe FlashMediaServer3.5.tar.gz <a href=http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Linu target=_blank rel=external nofollow>http://download.macromedia.com/pub/flashmediaserver/updates/3_5_2/Linu</a> x/FlashMediaServer3.5.tar.gz
id	SSV:11188
last seen	2017-11-19
modified	2009-05-04
published	2009-05-04
reporter	Root
title	Adobe Flash Media Server未明RPC调用特权提升漏洞

Summary

Vulnerable Configurations

Nessus

Seebug

References