RealNetworks Helix DNA Server RTSP buffer overflow
| helix-dna-rtsp-bo (27316) |  High Risk |
Description:
RealNetworks Helix DNA Server is vulnerable to a heap-based buffer overflow, caused by improper bounds checking of HTTP headers by the Real Time Streaming Protocol (RTSP) service. By sending an HTTP request with a malformed HTTP header, a remote attacker could overflow a buffer in the RTSP service and execute arbitrary code on the affected system.
Consequences:
Gain Access
Remedy:
Upgrade to the latest version of RealNetworks Helix DNA (11.1 or later), available from the RealNetworks Web site. See References.
References:
- Full-Disclosure Mailing List, Thu Jun 22 2006 - 14:52:46 CDT: [MU-200606-01] Real Helix RTSP Server Heap Corruption Vulnerabilities.
- Helix Community Web site: Helix-Server Home Page.
- Mu Security Advisory MU-200606-01: Real Helix RTSP Server Heap Corruption Vulnerabilities.
- BID-18606: RealNetworks Helix DNA Server Multiple Remote Code Execution Vulnerabilities
- CVE-2006-3276: Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the parsing of HTTP URL schemes.
- OSVDB ID: 26799: RealNetworks Helix DNA Server User-Agent HTTP Header Overflow
- SA20784: Helix DNA Server Heap Corruption Vulnerabilities
- SECTRACK ID: 1016365: Helix DNA Server Buffer Overflow in RTSP Service Lets Remote Users Execute Arbitrary Code
- VUPEN/ADV-2006-2521: Helix DNA Server RTSP and HTTP Services Remote Buffer Overflow Vulnerabilities
Platforms Affected:
- Real Helix DNA Server 10
- Real Helix DNA Server 11
Reported:
Jun 22, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net