Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:REAL:NEG-CONT-LEN

Severity

 Medium

Recommended

 No

Category

 APP

Keywords

 Helix Universal Server Invalid Content Length

Release Date

 2005/08/04

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Helix Universal Server Invalid Content Length


This signature detects attempts to exploit a known vulnerability against the Real Networks Helix Universal Server. An attacker can send an RTSP request with a invalid content length, which can cause a denial-of-service condition.

Extended Description

A remote integer handling denial of service vulnerability affects the Real Networks Helix Universal Server. The problem surrounds the mishandling of some POST headers values. An attacker can exploit this issue to cause the affected server to consume excessive computer resources and hang, denying service to legitimate users.

Affected Products

  • Real Networks Helix Universal Gateway 9.0.0
  • Real Networks Helix Universal Gateway 9.0.2 .881
  • Real Networks Helix Universal Mobile Gateway 10.1.1 .120
  • Real Networks Helix Universal Mobile Gateway 10.3.1 .716
  • Real Networks Helix Universal Mobile Server 10.1.1 .120
  • Real Networks Helix Universal Mobile Server 10.3.1 .716

References

  • BugTraq: 11352
  • CVE: CVE-2004-0774
  • URL: http://download.saintcorporation.com/cgi-bin/demo_tut.pl?tutorial_name=RealServer_vulnerabilities.html&fact_color=doc&tag=

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out