[VIM] Helix Server LoadTestPassword Overflow

George A. Theall theall at tenablesecurity.com
Fri Mar 23 21:14:52 UTC 2007


Has anyone had a chance to look at the buffer overflow in Helix Server 
covered by Evgeny Legerov (http://gleg.net/helix.txt)? SecurityFocus 
assigned it a new BID (23068) but it looks suspciously like the same 
flaw covered by BID 21141 / CVE-2006-6026 from last November. The 
earlier entries both are for the open-source Helix DNA Server while the 
newer one is for RealNetwork's Helix Server. While Legerov's advisory 
talks only of "Helix Server", it references a CVS commit message for the 
open-source variant, which in turn cross-references BID 21141.

Oddly, though, the description SecurityFocus has for the earlier BID 
says "The vendor refutes this issue, stating that the report is 
unsubstantiated". Does this mean the vendor (whichever) simply didn't 
have details for an exploit? Legerov claims to have notified the vendor 
in December...

Btw, I've tested Legerov's PoC against both Helix DNA Server 11.1 and 
Helix Server 11.1.2 on Windows; it crashes both so I suspect the answer 
to my question is "yes".

George
-- 
theall at tenablesecurity.com


More information about the VIM mailing list