Lucene search
SAINT CorporationSAINT:88066D5C73C138DE86B9075B2D302BF5HistoryMar 18, 2008 - 12:00 a.m.
RealNetworks Helix Server RTSP Proxy-Require heap overflow
2008-03-1800:00:00
SAINT Corporation
www.saintcorporation.com
19
EPSS
0.542
Percentile
97.6%
Added: 03/18/2008
CVE: CVE-2008-5911
BID: 33059
Background
RealNetworks Helix Server is a media server supporting multiple formats and platforms.
Problem
A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted Proxy-Require header in an RTSP request.
Resolution
Upgrade to Helix Server 11.1.8 or 12.0.1 or higher.
References
<http://docs.real.com/docs/security/SecurityUpdate121508HS.pdf>
Limitations
Exploit works on RealNetworks Helix Server 12.0 on Windows Server 2003 SP2.
Due to the nature of the vulnerability, the success of this exploit may depend on the state of the target system’s memory.
Platforms
Windows
Related
checkpoint_advisories
checkpoint_advisories
RealNetworks Helix Server RTSP SETUP Stack Buffer Overflow (CVE-2008-5911)
2009-10-13 00:00:00
RealNetworks Helix Server RTSP DESCRIBE Heap Buffer Overflow (CVE-2008-5911)
2010-02-15 00:00:00
saint
saint
RealNetworks Helix Server RTSP Proxy-Require heap overflow
2008-03-18 00:00:00
RealNetworks Helix Server RTSP Proxy-Require heap overflow
2008-03-18 00:00:00
RealNetworks Helix Server RTSP Proxy-Require heap overflow
2008-03-18 00:00:00
prion
prion
Buffer overflow
2009-01-20 16:00:00
cve
cve
CVE-2008-5911
2009-01-20 16:00:00
cvelist
cvelist
CVE-2008-5911
2009-01-20 15:26:00
nessus
nessus
RealNetworks Helix Server < 11.1.8/12.0.1 Multiple Vulnerabilities
2009-01-30 00:00:00
nvd
nvd
CVE-2008-5911
2009-01-20 16:00:00