Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:277 |
Message | DOS Real Server template.html |
Summary | This event is generated when a remote attacker transmits a malformed request for a page on a RealNetworks RealServer port, which can indicate a Denial of Service (DoS) attack on the RealServer. |
Impact | The RealNetworks RealServer service will crash. |
Detailed Information | RealNetworks RealServer is a server application that serves streaming audio to clients. When an attacker sends a request for a template file in the /viewsource/ directory with an empty variable value, RealServer crashes. |
Affected Systems | Systems running RealNetworks RealServer 7.0 with View Source functionality enabled. |
Attack Scenarios | An attacker sends an HTTP request for /viewsource/template.html? to a RealServer audio server. RealServer crashes, stopping audio transmission. |
Ease of Attack | Simple. |
Corrective Action | Upgrade to the latest version of the software or disable the View Source functionality. The vendor has issued an advisory, workarounds, and downloadable patches at http://service.real.com/help/faq/servgviewsrc.html. |
Additional References | RealNetworks http://service.real.com/help/faq/servgviewsrc.html |
Rule References | bugtraq: 1288 cve: 2000-0474 nessus: 10461 |
--
DID:851790