CVE-2006-6026 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-6026
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-6026

Description: Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field.

CVE Status: Candidate

References: VIM http://www.attrition.org/pipermail/vim/2007-March/001459.html http://www.attrition.org/pipermail/vim/2007-March/001468.html SAID Secunia Advisory: SA22944 MLIST http://lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.html MISC http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml http://gleg.net/helix.txt MILW0RM http://www.milw0rm.com/exploits/3531 CONFIRM http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/463333/100/0/threaded BID 21141 23068

Return to the previous page.