APP: AgentX++ receive_agentx Stack Buffer Overflow
A stack buffer overflow vulnerability exists in multiple products that use the AgentX++ software. The vulnerability is due to a boundary error in AgentX::receive_agentx function. A remote unauthenticated attacker can exploit this vulnerability by sending multiple blocks of data to the target server. Successful exploitation would allow for arbitrary code injection and execution with the privileges of the server, normally SYSTEM. Code injection that does not result in execution could terminate the application due to memory corruption, and could result in a Denial of Service condition.
Extended Description
AgentX++ is prone to a remote stack-based buffer-overflow vulnerability. Exploiting this issue can allow attackers to execute arbitrary code within the context of the user running the AgentX master process; in some cases the superuser may be the owner of the process. Failed attempts may cause crashes and deny service to legitimate users. AgentX++ 1.4.16 is vulnerable; other versions may also be affected. In addition, these issues affect versions prior to Helix Server and Helix Mobile Server 14.0. NOTE: This issue was previously covered in BID 39490 (RealNetworks Helix and Helix Mobile Server Multiple Remote Code Execution Vulnerabilities) but has been given its own record to better document it.
Affected Products
Real_networks helix_server
References
BugTraq: 39564
CVE: CVE-2010-1318
URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=867
Short Name
APP:AGENTX-RECEIVE-OF
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
AgentX++ Buffer CVE-2010-1318 Overflow Stack bid:39564 receive_agentx
Release Date
10/14/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
tcp/705
False Positive
Unknown
Vendors
Frank_fock
Real_networks
CVSS Score
10.0