Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:276 |
Message | DOS Real Audio Server |
Summary | This event is generated when a remote attacker transmits a malformed request for a page on a RealNetworks RealServer port, which can indicate a Denial of Service (DoS) attack on the RealServer. |
Impact | The RealNetworks RealServer service will crash. |
Detailed Information | RealNetworks RealServer is a server application that serves streaming audio to clients. When an attacker sends a request for a template file in the /viewsource/ directory with an empty variable value, RealServer crashes. |
Affected Systems | Systems running RealNetworks RealServer 7.0 with View Source functionality enabled. |
Attack Scenarios | An attacker sends an HTTP request for /viewsource/template.html? on a RealServer audio server. RealServer crashes, stopping audio transmission. |
Ease of Attack | Simple. |
Corrective Action | Upgrade to the latest version of the software or disable the View Source functionality. The vendor has issued an advisory, workarounds, and downloadable patches at http://service.real.com/help/faq/servgviewsrc.html. |
Additional References | RealNetworks http://service.real.com/help/faq/servgviewsrc.html |
Rule References | cve: 1999-0271 nessus: 10183 |
--
DID:638781
--
http://www.aanval.com/