InfoSec Handlers Diary Blog

SANS Site Network
- Current Site
- SANS Internet Storm Center
- Other SANS Sites Help
- Graduate Degree Programs
- Security Training
- Security Certification
- Security Awareness Training
- Penetration Testing
- Industrial Control Systems
- Cyber Defense Foundations
- DFIR
- Software Security
- Government OnSite Training

RealServer Vulnerability, Exploit and Scans

Published: 2003-08-29
Last Updated: 2003-08-30 01:28:27 UTC
by Handlers (Version: 1)

Earlier this week, a vulnerability in RealServer was announce. This vulnerability may be exploitable via port 554, 7070, 8080, 9090 and 22010. After the announcement, we did see a notable increase in scans for port 554 and 7070.

At this point, no patch is available. However, Real published configuration options to avoid the vulnerability.

Real Networks Announcement:

http://service.real.com/help/faq/security/rootexploit082203.html

Port 554 Graph:

http://isc.sans.org/port_details.html?port=554

Port 7070 Graph:

http://isc.sans.org/port_details.html?port=7070

Please send any additional information, like packet captures, to isc@sans.org .

Keywords:

0 comment(s)

Diary Archives