GEN:SID 1:276
Message DOS Real Audio Server
Summary This event is generated when a remote attacker transmits a malformed
request for a page on a RealNetworks RealServer port, which can indicate
a Denial of Service (DoS) attack on the RealServer.
Impact The RealNetworks RealServer service will crash.
Detailed Information RealNetworks RealServer is a server application that serves streaming
audio to clients. When an attacker sends a request for a template file
in the /viewsource/ directory with an empty variable value, RealServer
crashes.  
Affected Systems Systems running RealNetworks RealServer 7.0 with View Source
functionality enabled.
Attack Scenarios An attacker sends an HTTP request for /viewsource/template.html? on a
RealServer audio server. RealServer crashes, stopping audio
transmission.
Ease of Attack Simple.
Corrective Action Upgrade to the latest version of the software or disable the View Source
functionality. The vendor has issued an advisory, workarounds, and
downloadable patches at http://service.real.com/help/faq/servgviewsrc.html.
Additional References RealNetworks
http://service.real.com/help/faq/servgviewsrc.html

Rule References arachnids: 411
bugtraq: 1288
cve: 2000-0474