SecurityTeam US - RealNetworks Helix Universal Server Denial of Service Vulnerability


	Contribute : Advanced Search : Web Resources : Polls : File Repository

Poll
What would you like to see on SecurityTeamUS? More News Product Reviews HowTo's Custom RPM/Packages/Tools Other (Please leave comment) Results 96 votes \| 0 comments

Topics
Home Apache Apple Application Software Cisco Systems Database Servers Internet Explorer Linux Macromedia Microsoft Mozilla/Firefox Phishing/ID Theft Real Networks Security News Sun Microsystems Web Appliances/Devices Web Scripts Wi-Fi

Virus Alerts
17 Apr 2011 Troj/Mdrop-DKE 17 Apr 2011 Troj/Sasfis-O 17 Apr 2011 Troj/Keygen-FU 17 Apr 2011 Troj/Zbot-AOY 17 Apr 2011 Troj/Zbot-AOW 17 Apr 2011 W32/Womble-E 17 Apr 2011 Troj/VB-FGD 17 Apr 2011 Troj/FakeAV-DFF 17 Apr 2011 Troj/SWFLdr-W 17 Apr 2011 W32/RorpiaMem-A

Events
There are no upcoming events

Welcome to SecurityTeam US
Monday, February 06 2012 @ 12:43 PM EST

RealNetworks Helix Universal Server Denial of Service Vulnerability

Friday, October 08 2004 @ 10:19 AM EDT

A vulnerability has been reported in Helix Universal Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to insufficient validation of HTTP requests. This can be exploited to cause a vulnerable server to consume a large amount of memory and CPU resources by sending a specially crafted POST request with the "Content-Length" header set to -1.

The vulnerability has been reported in:
* Helix Universal Mobile Server & Gateway, versions 10.3.1.716 and prior.
* Helix Universal Server, version 9.0.4.958 and prior.

SOFTWARE:
Helix Universal Mobile Server 10.x
Helix Universal Server 9.x

SOLUTION:
Apply updates.

-- Helix Universal Server 9.04 (9.0.4.960) --

Linux:
http://forms.real.com/rnforms/products/servers/download/...&version=Helix+Universal+Server

Sun Solaris 2.8:
http://forms.real.com/rnforms/products/servers/download/...&version=Helix+Universal+Server

Windows:
http://forms.real.com/rnforms/products/servers/download/...&version=Helix+Universal+Server

-- Helix Mobile Universal Server and Gateway 10.04.1226 --

http://service.real.com/pam/

PROVIDED AND/OR DISCOVERED BY:
Discovered by anonymous person and reported via iDEFENSE.

ORIGINAL ADVISORY:
Real Networks:
http://service.real.com/help/faq/security/security100704.html

iDEFENSE:
http://www.idefense.com/application/poi/display?id=151&type=vulnerabilities

What's Related
http://forms.real.com/r... http://forms.real.com/r... http://forms.real.com/r... http://service.real.com... http://service.real.com... http://www.idefense.com... More from Real Networks

Story Options
Mail Story to a Friend Printable Story Format

RealNetworks Helix Universal Server Denial of Service Vulnerability | 0 comments | Create New Account

The following comments are owned by whomever posted them. This site is not responsible for what they say.

Dedicated Servers
Created this page in 0.16 seconds