Bugtraq mailing list archives
Re: Remote DoS attack in Real Networks Real Server (Strike #2)Vulnerability
From: long () KESTREL CC UKANS EDU (Jeff Long)
Date: Fri, 2 Jun 2000 11:24:35 -0500
Jeff Long wrote:
Ussr Labs wrote:Remote DoS attack in Real Networks Real Server (Strike #2) VulnerabilityReal Networks Real Server 7 Windows NT/2000Real Networks Real Server 7.01 Windows NT/2000The Ussr Labs team has recently discovered a memory problem in the RealServer 7 Server (patched and non-patched). What happens is, by performing an attack sending specially-malformed information to the RealServer HTTP Port(default is 8080), the process containing the services will stop responding. The Exploit: It will take down the RealServer causing it to stop all streaming media brodcasts, making it non-functional, (untill Reboot) Example: With the RealServer server running on 'Port' (default being 8080) the syntax to do the D.O.S. attack is: http://ServerIp:Port/viewsource/template.html? And Real Server will Stop Responding.Apparently Real Server 7.02 fixes this problem (at least on NT Server 4.0 SP6a). I was able to verify this exploit on 7.01 but after upgrading to 7.02 this no longer occurs. Note, that for the upgrade to be effective you must reboot NT for it to work otherwise it will still hang.
I spoke too soon. It looks like they only fixed it in the case where you launch n of these attacks and n <= some number (probably the number of Real media streams you are licensed for). When you launch 56 of these attacks at a RealServer Basic 7.02 you still end up hanging the Real Server. Jeff Long
Current thread:
- Microsoft BackOffice component: adredir.asp, (continued)
- Microsoft BackOffice component: adredir.asp Michal Zalewski (Jun 03)
- Re: [rootshell.com] Xterm DoS Attack Darren Reed (Jun 02)
- Re: [rootshell.com] Xterm DoS Attack gavina () CSIS GVSU EDU (Jun 02)
- [Debian] Majordomo will be removed Aleph One (Jun 03)
- /usr/bin/Mail exploit for Slackware 7.0 (mail-slack.c) Paulo Ribeiro (Jun 02)
- Re: /usr/bin/Mail exploit for Slackware 7.0 (mail-slack.c) Christopher Schulte (Jun 04)
- [Gael Duval <gduval () mandrakesoft com>] [Security Announce] cdrecord Chmouel Boudjnah (Jun 03)
- Remote DoS attack in Real Networks Real Server (Strike #2) Vulnerability Ussr Labs (Aug 01)
- Re: Remote DoS attack in Real Networks Real Server (Strike #2)Vulnerability Jeff Long (Jun 02)
- [JOLT2] Remote Denial of Service against Be/OS. visi0n (Jun 01)
- Re: Remote DoS attack in Real Networks Real Server (Strike #2)Vulnerability Jeff Long (Jun 02)
- Re: Remote DoS attack in Real Networks Real Server (Strike #2)Vulnerability Jeff Long (Jun 02)