Real Server Denial of Service

 
Real Server Subject to DoS
Reported April 20, 2000 by
USSRLabs
VERSIONS EFFECTED
  • Real Networks Real Server 7 (linux or Windows)
  • Real Networks Real Server Pro (linux or Windows)
  • Real Networks Real Server Intranet (linux or Windows)
  • Real Networks Real Server Plus (linux or Windows)
  • Real Networks Real Server Basic (linux or Windows)
  • Real Networks Real Server G2 1.0

DESCRIPTION

By sending the Real Server 471 bytes of malformed data on port 7070, the service can be made to crash.

DEMONSTRATION

USSRLabs published an executable program along with source code that can test for this vulnerability. Copies can also be obtained from their Web site.

VENDOR RESPONSE

Real Networks has been informed of this issue, however no response was known at the time of this writing.

CREDITS
Discovered and reported by
USSRLabs
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish