Bugtraq mailing list archives

Remote DoS attack in RealServer

From: dcotter () REAL COM (David Cotter)
Date: Thu, 20 Apr 2000 23:55:13 -0700


On April 20th, 2000, a RealServer Denial of Service exploit potentially
affecting all RealServers was brought to the attention of RealNetworks. The
specific exploit involves a stack overflow in the PNA protocol handling
scheme and can ultimately cause the RealServer to discontinue serving
streams until the RealServer is restarted or "rebooted" by the System
Administrator.

We have not yet received reports of anyone actually being attacked with
this exploit; however, we have prepared an update to the RealServer
Software that will defeat this specific attack.  Please go to the below URL
for download instructions.

http://service.real.com/help/faq/servg270.html

------------------------------------------------------------------------
Dave Cotter
Program Manager, RealNetworks, Inc.
Ph: 1 206 674 2491
Pgr: 206-975-5640

Current thread:

Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit, (continued)
- - - Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit Casper Dik (Apr 26)
    - Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit Dimitri Avgoustakis (Apr 26)
    - Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit Theodor R. Gislason (Apr 26)
    - SECURITY: UPDATED - RHSA-2000:014 New Piranha release available Cristian Gafton (Apr 26)
  - gpm-root initgroups() Koblinger Egmont (Apr 23)
  - Postgresql cleartext password storage Robert van der Meulen (Apr 23)
    - Re: Postgresql cleartext password storage Alexandru Popa (Apr 24)
  - Re: ZoneAlarm Stephen M. Milton (Apr 24)
- Microsoft Security Bulletin (MS00-027) Microsoft Product Security (Apr 20)
- Remote vulnerability in LCDproc 0.4 Andrew Hobgood (Apr 20)
- Remote DoS attack in RealServer David Cotter (Apr 20)
- CMD.EXE overflow (CISADV000420) Cerberus Security Team (Apr 21)