Home page logo

bugtraq logo Bugtraq mailing list archives

RealServer exposes internal IP addresses
From: tschweikle () FIDUCIA DE (tschweikle () FIDUCIA DE)
Date: Wed, 8 Mar 2000 12:41:33 +0100

RealServer exposes internal IP addresses if requested to
deliver real media files: -> HTTP
  GET /ramgen/extern/genoverb/weinkauf.rm HTTP/1.0 -> HTTP
  (proxy) R port=1210 -> HTTP
  HTTP/1.0 200 OK -> HTTP

The Server is located inside a DMZ. Network-Address
translation is in effect from internet as is from campus.

In my opinion this may be usedfull for an intruder, and
RealNetworks should fix this. I've informed them about
6 weeks ago, calling them again four weeks later, then
14 days ago, but no reaction on there side until now.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]