OSVDB ID: 4468

Title: RealNetworks Helix Universal Server Dual GET Overflow

Dates

Disclosure: Dec 20, 2002
Discovery: Nov 12, 2002
Exploit: Unknown
Solution: Unknown

Description

RealNetworks Helix Universal Server and RealServer contain a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to the server not properly handling multiple simultaneous HTTP GET requests. If an attacker sends two specially crafted requests, a buffer overflows, allowing execution of arbitrary code with the privileges of the server.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified

Solution

Upgrade to version 9.01 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

RealNetworks, Inc.

  • Helix Universal Server: 8.0.1, 9.0
  • RealServer: 8.0.1

References

Credit

  • Mark Litchfield - markngssoftware.com - NGS Software


Direct URL: http://osvdb.org/4468