ID CVE-2015-8271
Summary The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.
References
Vulnerable Configurations
  • cpe:2.3:a:rtmpdump_project:rtmpdump:2.4
    cpe:2.3:a:rtmpdump_project:rtmpdump:2.4
CVSS
Base: 7.5 (as of 19-04-2017 - 20:38)
Impact:
Exploitability:
CWE CWE-123
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3850.NASL
    description Dave McDaniel discovered multiple vulnerabilities in rtmpdump, a small dumper/library for RTMP media streams, which may result in denial of service or the execution of arbitrary code if a malformed stream is dumped.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 100164
    published 2017-05-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100164
    title Debian DSA-3850-1 : rtmpdump - security update
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3283-1.NASL
    description Dave McDaniel discovered that rtmpdump incorrectly handled certain malformed streams. If a user were tricked into processing a specially crafted stream, a remote attacker could cause rtmpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 100102
    published 2017-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100102
    title Ubuntu 14.04 LTS / 16.04 LTS : rtmpdump vulnerabilities (USN-3283-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-917.NASL
    description Several vulnerabilities were found in rtmpdump and the librtmp library. CVE-2015-8270 A bug in AMF3ReadString in librtmp can cause a denial of service via application crash to librtmp users that talk to a malicious server. CVE-2015-8271 The AMF3_Decode function in librtmp doesn't properly validate its input, which can lead to arbitrary code execution when talking to a malicious attacker. CVE-2015-8272 A bug in rtmpsrv can lead to a crash when talking to a malicious client. For Debian 7 'Wheezy', these problems have been fixed in version 2.4+20111222.git4e06e21-1+deb7u1. We recommend that you upgrade your rtmpdump packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-10
    plugin id 99674
    published 2017-04-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99674
    title Debian DLA-917-1 : rtmpdump security update
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3283-2.NASL
    description Dave McDaniel discovered that rtmpdump incorrectly handled certain malformed streams. If a user were tricked into processing a specially crafted stream, a remote attacker could cause rtmpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-05-24
    plugin id 100379
    published 2017-05-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100379
    title Ubuntu 12.04 LTS : rtmpdump vulnerabilities (USN-3283-2)
refmap via4
bid 95125
debian DSA-3850
misc http://www.talosintelligence.com/reports/TALOS-2016-0067/
talos via4
id TALOS-2016-0067
last seen 2018-08-31
published 2016-01-07
reporter Talos Intelligence
source http://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0067
title RTMPDump librtmp AMF3 Class Member Count Remote Code Execution Vulnerability
Last major update 20-04-2017 - 09:26
Published 13-04-2017 - 10:59
Last modified 03-11-2017 - 21:29
Back to Top