GEN:SID | 1:2411 |
Message | WEB-MISC Real Server DESCRIBE buffer overflow attempt |
Summary | This event is generated when an attempt is made to exploit a known vulnerability in RealNetworks Helix Media Server.
|
Impact | Serious. Execution of arbitrary code is possible.
|
Detailed Information | Versions of RealNetworks Helix Media Server and RealSystem Server are vulnerable to a buffer overflow condition that may present the attacker with the opportunity to execute code of their choosing on the target system.
This may then present the attacker with the opportunity to gain a remote root shell, thus compromising the system.
|
Affected Systems | Helix Universal Server 9.01, versions 9.0.2.794 and earlier RealSystem Server 8.0 & 7.0
|
Attack Scenarios | The attacker may probe for the existence of an affected server and then use one of the publicly available scripts to exploit the service.
|
Ease of Attack | Simple. Exploits exists.
|
Corrective Action | Apply the appropriate vendor supplied patches.
Upgrade to the latest non-affected version of the software.
|
Additional References | RealNetworks http://www.service.real.com/help/faq/security/rootexploit091103.html
|
Rule References | bugtraq: 8476
url: www.service.real.com/help/faq/security/rootexploit091103.html
|