dcsimg
RealTime IT News

It's a (Real) Buffer Overflow Problem

Digital media delivery firm RealNetworks on Friday confirmed a buffer overflow vulnerability in its Helix Universal Server product, warning that a root exploit could give an attacker "inappropriate access" to compromised system.

RealNetworks first warned of the flaw in January this year, describing it as a simple denial-of-service issue but, on Friday, the company released an updated advisory Friday to confirm the existence of a "potential root exploit."

A root exploit could give an attacker complete control over a susceptible machine to execute malicious code.

According to U.K.-based Pentest Limited, which identified the security hole, several of Real's Helix Server products use a common Administration Interface that is available over HTTP and protected by HTTP Basic Authentication. An authenticated attacker could submit malformed HTTP POST requests to the server's Administration interface, triggering a buffer overflow and executing arbitrary code on the server, the company warned.

On Windows platforms where the Helix Server is run as an NT Service, the bug could allow arbitrary code execution under the context of the NT SYSTEM account.

Vulnerable products includes Real's Helix Universal Mobile Server & Gateway 10, version 10.1.1.120 and prior and the Helix Universal Server and Gateway 9, version 9.0.2.881 and prior.

In its confirmation, RealNetworks said it was unaware of actual exploits. "Note also that this vulnerability requires administrator login access to the server/proxy Administration system. If administrator access is properly controlled, the risk of the vulnerability is negligible," RealNetworks said.

It is not the first security-related hiccup for Real's Helix products. Security consultants NGSSoftware has previously warned of high-risk buffer overruns in the Helix Universal Server 9.0 which could allow attackers to run code of their own choosing on a user's machine.

In August last year, another patch for a root exploit vulnerability was issued to plug holes in the RealServer G2, RealSystem Server 7, RealSystem Server 8 and the Helix Universal Server 9.x products.