|
|
| |
RealNetworks Helix Universal Server is a universal digital media delivery platform with industry leading performance, integrated content distribution and Web services support.
Remote exploitation of a denial of service vulnerability in the way the Helix server handles the Content-Length field could allow an attacker to disable the server. |
| |
Credit:
The information has been provided by iDEFENSE Security Labs.
The original article can be found at: http://www.idefense.com/application/poi/display?id=151&type=vulnerabilities
|
| |
Vulnerable Systems:
* Realnetworks Helix Server version 9.0.2 for Linux
* Realnetworks Helix Server version 9.0.3 for Windows
Immune Systems:
* Realnetworks Helix Server above version 9.0.3
CVE Information:
Helix Server Content-Length Denial Of Service - CAN-2004-0774
The problem exists in the handling of a specially crafted POST request. Generating a request with the Content-Length header set to -1 triggers an integer handling error resulting in mass utilization of memory and CPU time.
Any unauthenticated remote attacker can exploit this vulnerability, which causes the affected system to utilize mass amounts of memory and CPU time. The system will no longer be able to process future requests. The affected server must be restarted in order to resume normal functionality.
Workaround
Usage of an inline application level filter can help mitigate risk of exploitation by scanning for and filtering invalid Content-Length parameters.
Vendor Status:
RealNetworks has released binaries that guard against the described vulnerability. The related advisory from RealNetworks is available at http://service.real.com/help/faq/security/security100704.html
Disclosure Timeline:
07/01/2004 Initial vendor notification
07/01/2004 iDEFENSE clients notified
08/05/2004 Initial vendor response
10/07/2004 Coordinated public Disclosure
|
|
|
|
|
|
|
|
