Real Networks Helix Server DESCRIBE Request Remote Heap Overflow Vulnerability

Bugtraq ID:	23068
Class:	Boundary Condition Error
CVE:
Remote:	Yes
Local:	No
Published:	Mar 20 2007 12:00AM
Updated:	Mar 21 2007 04:23PM
Credit:	Evgeny Legerov is credited with discovering this issue.
Vulnerable:	RealNetworks Helix Server 11.1.2
Not Vulnerable:

Real Networks Helix Server DESCRIBE Request Remote Heap Overflow Vulnerability

Real Networks Helix Server is prone to a heap-overflow vulnerability because it fails to perform sufficient boundary checks on user-supplied data before copying it to an insufficiently sized memory buffer.

An attacker could leverage this issue to execute arbitrary code with superuser privileges. Successful exploits will result in a complete computer compromise. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects version 11.1.2.

Real Networks Helix Server DESCRIBE Request Remote Heap Overflow Vulnerability

The following proof of concept is availalble:

• /data/vulnerabilities/exploits/23068.py

Real Networks Helix Server DESCRIBE Request Remote Heap Overflow Vulnerability

Solution:
Reports indicate that version 11.1.3 addresses this issue. Symantec has not confirmed this. Please contact the vendor for more information.

Real Networks Helix Server DESCRIBE Request Remote Heap Overflow Vulnerability

References:

• [Server-cvs] protocol/rtsp rtspprot.cpp,1.80,1.81 (helixcommunity.org)
  
• Real Networks Helix Server Homepage (Real Networks)
  
• Helix Server heap overflow (Evgeny Legerov )