RTSP: Helix LoadTestPassword Overflow
This signature detects attempts to exploit a known vulnerability against Real Networks' Helix Server. A successful attack can lead to arbitrary code execution.
Extended Description
RealNetworks Helix DNA Server is prone to an unspecified buffer-overflow vulnerability. An attacker could exploit this issue to execute arbitrary code in the context of the application. This may facilitate to the compromise of the application and underlying system. Helix DNA Server versions 11.0 and 11.1 are vulnerable; other versions may also be affected. Note: The vendor refutes this issue, stating that the report is unsubstantiated.
Affected Products
Real_networks helix_dna_server
References
BugTraq: 21141
CVE: CVE-2006-6026
URL: http://lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.html
Short Name
RTSP:OVERFLOW:LOADTEST-PW-OF
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
RTSP
Keywords
CVE-2006-6026 Helix LoadTestPassword Overflow bid:21141
Release Date
03/23/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3728
False Positive
Unknown
Vendors
Real_networks
CVSS Score
10.0