Signature Detail
Short Name |
APP:AGENTX-RECEIVE-OF |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
AgentX++ receive_agentx Stack Buffer Overflow |
Release Date |
2010/10/14 |
Update Number |
1792 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: AgentX++ receive_agentx Stack Buffer Overflow
A stack buffer overflow vulnerability exists in multiple products that use the AgentX++ software. The vulnerability is due to a boundary error in AgentX::receive_agentx function. A remote unauthenticated attacker can exploit this vulnerability by sending multiple blocks of data to the target server. Successful exploitation would allow for arbitrary code injection and execution with the privileges of the server, normally SYSTEM. Code injection that does not result in execution could terminate the application due to memory corruption, and could result in a Denial of Service condition.
Extended Description
AgentX++ is prone to a remote stack-based buffer-overflow vulnerability. Exploiting this issue can allow attackers to execute arbitrary code within the context of the user running the AgentX master process; in some cases the superuser may be the owner of the process. Failed attempts may cause crashes and deny service to legitimate users. AgentX++ 1.4.16 is vulnerable; other versions may also be affected. In addition, these issues affect versions prior to Helix Server and Helix Mobile Server 14.0. NOTE: This issue was previously covered in BID 39490 (RealNetworks Helix and Helix Mobile Server Multiple Remote Code Execution Vulnerabilities) but has been given its own record to better document it.
Affected Products
- Frank Fock AgentX++ 1.4
- Frank Fock AgentX++ 1.4.16
- Real Networks Helix Mobile Server 11.1.2
- Real Networks Helix Mobile Server 11.1.4
- Real Networks Helix Mobile Server 11.1.6
- Real Networks Helix Mobile Server 11.1.7
- Real Networks Helix Mobile Server 11.1.8
- Real Networks Helix Mobile Server 12.0.0
- Real Networks Helix Mobile Server 12.0.1
- Real Networks Helix Mobile Server 12.0.1 .215
- Real Networks Helix Mobile Server 13.0.0
- Real Networks Helix Server 11.1.2
- Real Networks Helix Server 11.1.4
- Real Networks Helix Server 11.1.6
- Real Networks Helix Server 11.1.7
- Real Networks Helix Server 11.1.8
- Real Networks Helix Server 12.0.0
- Real Networks Helix Server 12.0.1
- Real Networks Helix Server 12.0.1 .215
- Real Networks Helix Server 13.0.0
References
- BugTraq: 39564
- CVE: CVE-2010-1318