On November 4, 1999, a RealServer G2 security exploit, affecting the Microsoft Windows NT version of the RealServer G2 6.0 (v188.8.131.524), was brought to the attention of RealNetworks. The specific exploit involves a buffer overflow while accessing the RealSystem Administrator port.
By sending a long user name and password pair, it is possible to overflow the buffer and execute arbitrary code on the RealServer. RealNetworks has verified this specific exploit. Additional information about the conditions enabling this exploit is below:
Information about the conditions enabling this exploit:
Actions to eliminate the risk of the exploit:
Customers running RealServer G2 6.0 on Microsoft Windows NT can prevent this specific attack by using an access control rule that blocks connections from unknown computers to their RealSystem Administrator port. The access control feature lets you associate certain client addresses with permissions to connect to certain RealServer ports. When this feature is used, the exploit is no longer possible.
For more information on the access control feature, see "Chapter 10: Limiting Access to RealServer" in the RealServer Administration Guide.
In addition to this, RealNetworks has made patches available for all RealServer G2 6.0 (v184.108.40.2064) platforms to prevent this exploit.
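The defect class described above, a long user name and password pair overflowing a fixed buffer, is avoided by checking field lengths before any copy. The following is an added example, not RealNetworks' code or its patch; the `user:password` input format, the buffer sizes and all names are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Assumed limits for this example; not RealServer's actual sizes. */
#define USER_MAX 32
#define PASS_MAX 32

struct creds {
    char user[USER_MAX + 1];
    char pass[PASS_MAX + 1];
};

/*
 * Parse "user:password" from an untrusted buffer of pair_len bytes.
 * Returns 0 on success, -1 if the input is malformed or either field
 * would not fit. Nothing is written to *out on failure.
 *
 * The unsafe pattern this replaces is an unbounded copy such as
 * strcpy(out->user, input), where the sender controls the length.
 */
int parse_credentials(const char *pair, size_t pair_len, struct creds *out)
{
    const char *sep;
    size_t user_len, pass_len;

    if (pair == NULL || out == NULL)
        return -1;

    /* Embedded NUL bytes would truncate later string handling. */
    if (memchr(pair, '\0', pair_len) != NULL)
        return -1;

    sep = memchr(pair, ':', pair_len);
    if (sep == NULL)
        return -1;

    user_len = (size_t)(sep - pair);
    pass_len = pair_len - user_len - 1;

    /* Reject over-long or empty fields before any copy happens. */
    if (user_len == 0 || user_len > USER_MAX || pass_len > PASS_MAX)
        return -1;

    memcpy(out->user, pair, user_len);
    out->user[user_len] = '\0';
    memcpy(out->pass, sep + 1, pass_len);
    out->pass[pass_len] = '\0';
    return 0;
}
```

Rejecting the request outright, rather than truncating the fields, keeps an over-long pair from ever being treated as a valid credential.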
To install this patch: