Real plugs critical holes in Helix Server


Real plugs critical holes in Helix Server RealNetworks has shipped a new version of its Helix Server to plug at least four vulnerabilities that introduce code execution and denial-of-service risks.

The flaws affect Helix Server Version 11.x, Helix Server Version 12.x, Helix Mobile Server Version 11.x and Helix Mobile Server Version 12.x. Three of the four bugs are considered “highly critical” because of the risk of remote code execution attacks.

Technical details:

  • ZDI-CAN-293: RealNetworks Helix Server RTSP DESCRIBE Heap Overflow Vulnerability. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks Helix Server. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability.
  • ZDI-CAN-323 DOS stack-based buffer-overflow vulnerability when parsing RTSP SETUP. Denial of Service can be triggered performing three consequent crafted requests on port 554 (default RTSP) of the server.
  • ZDI-CAN-333: RealNetworks Helix Server DataConvertBuffer Heap Overflow Vulnerability. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks Helix Server. Authentication is not required to exploit this vulnerability.
  • ZDI-CAN-380: RealNetworks Helix Server NTLM Authentication Malformed Base64 Heap Overflow Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of RealNetworks Helix Server. Authentication is not required to exploit this vulnerability.

Information on patching these installations can be found in this RealNetworks advisory (.pdf)

[Source: zdnet]

0 comments