RealNetworks video flaws unearthed

Single URL directed at Real server forces shutdown; glitch in Windows Media encoder could interrupt live broadcasts

For the second time in six weeks, a group of South American security researchers has discovered a simple method for breaking RealNetworks streaming video servers. Underground Security Systems Research revealed Thursday that a single URL sent at a Real video server causes the system to stop functioning. The company says it will have a fix for the problem soon.

The vulnerability comes on the heels of an announcement by Microsoft that it had patched a flaw in its Windows Media Encoder that could jeopardize streaming media providers that supply real-time broadcasts of streaming media.

Underground Security Systems Research (USSR) researchers in April released a program called 'realdie.exe' that made it easy for attackers to shut down a Real server. It did not allow a computer intruder to gain access to files on the machine. Thursday's flaw attacks a different mechanism but produces the same result. The group has also told MSNBC it plans to release a third attack within the next few weeks.

A company spokesperson confirmed that the flaw announced Thursday was a real problem, but added that the firm was unaware of any cases where a customer has actually been victimized by the attack. She said it exploits a problem with a technology called 'View Source', which allows content and media file information to be displayed in a Web browser -- as opposed to appearing in a stand-alone player.

The security researchers attempted to warn Real about the flaw before it was published on the security mailing list 'Bugtraq', but e-mails sent to on May 23 only generated automated responses.

A spokesperson said the messages never reached the company's technical support team, and the firm is studying its procedures. It's not uncommon for companies to generate automatic responses to publicly available e-mail addresses. "Every address on our Web site just gets a lot of e-mail," the spokesperson said.

According to the company, administrators concerned about the flaw can protect their servers by shutting off the 'View Source' option. Instructions for that solution are:

  • Step 1: In RealSystem Administrator, click View Source, then click Source Access.

  • Step 2: In the Master Settings area, select "Disable View Source."

What do you think? Tell the Mailroom. And read what others have said.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All