GEN:SID 1:2411
Message WEB-MISC Real Server DESCRIBE buffer overflow attempt
Summary This event is generated when an attempt is made to exploit a known
vulnerability in RealNetworks Helix Media Server.
Impact Serious. Execution of arbitrary code is possible.
Detailed Information Versions of RealNetworks Helix Media Server and RealSystem Server are
vulnerable to a buffer overflow condition that may present the attacker
with the opportunity to execute code of their choosing on the target
system.

This may then present the attacker with the opportunity to gain a remote
root shell, thus compromising the system.
Affected Systems Helix Universal Server 9.01, versions 9.0.2.794 and earlier
      RealSystem Server 8.0 & 7.0
Attack Scenarios The attacker may probe for the existence of an affected server and then
use one of the publicly available scripts to exploit the service.
Ease of Attack Simple. Exploits exists.
Corrective Action Apply the appropriate vendor supplied patches.

Upgrade to the latest non-affected version of the software.
Additional References RealNetworks
http://www.service.real.com/help/faq/security/rootexploit091103.html
Rule References bugtraq: 8476
url: www.service.real.com/help/faq/security/rootexploit091103.html