|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Remote DoS attack in RealServer
From: David Cotter (dcotter
REAL.COM)Date: Fri Apr 21 2000 - 01:55:13 CDT
- Next message: Cerberus Security Team: "CMD.EXE overflow (CISADV000420)"
- Previous message: Wally Whacker: "ZoneAlarm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On April 20th, 2000, a RealServer Denial of Service exploit potentially
affecting all RealServers was brought to the attention of RealNetworks. The
specific exploit involves a stack overflow in the PNA protocol handling
scheme and can ultimately cause the RealServer to discontinue serving
streams until the RealServer is restarted or "rebooted" by the System
Administrator.
We have not yet received reports of anyone actually being attacked with
this exploit; however, we have prepared an update to the RealServer
Software that will defeat this specific attack. Please go to the below URL
for download instructions.
http://service.real.com/help/faq/servg270.html
------------------------------------------------------------------------
Dave Cotter
Program Manager, RealNetworks, Inc.
Ph: 1 206 674 2491
Pgr: 206-975-5640
- Next message: Cerberus Security Team: "CMD.EXE overflow (CISADV000420)"
- Previous message: Wally Whacker: "ZoneAlarm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]