Signature Detail

RTSP: RealServer SETUP Command Buffer Overflow (3)

This signature detects attempts to exploit a known vulnerability against the RealServer daemon running on Microsoft Windows NT4. RealNetworks RealServer versions 8.0.2 and earlier are vulnerable. Attackers can send a SETUP command to the RealServer daemon and overflow the buffer to gain administrator access to the server.

Extended Description

RealNetworks has reported that buffer overflow vulnerabilities exist in Helix Universal Server/RealServer versions 8.01 and earlier. This is due to insufficient bounds checking of URIs by RTSP methods. Successful exploitation of these issues may result in execution of malicious instructions in the security context of the server process. The issues were reported on Microsoft Windows platforms but also may also affect other platforms. This issue may be related to previously reported issues (BID 6454, BID 6456 and BID 6458).

Affected Products

• Real Networks Helix Universal Server 8.0.0 1
• Real Networks Real Server 5.0.0
• Real Networks Real Server 7.0.0
• Real Networks Real Server 7.0.1
• Real Networks Real Server 7.0.2
• Real Networks Real Server 8.0.0
• Real Networks Real Server 8.0.0 1
• Real Networks Real Server 8.0.0 Beta

References

• BugTraq: 7020
• URL: http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=7168
• URL: http://www.securiteam.com/exploits/5JP0B1F96W.html
• URL: http://attrition.org/security/advisory/iss/summary/iss.summary.4.9