Home page logo

bugtraq logo Bugtraq mailing list archives

RealPlayer bug
From: "§ome1" <exe () FlashMail com>
Date: Sat, 2 Mar 2002 21:16:53 +0300

open RealPlayer, go to --> File ---> Open File.. ---> Select any real media
file.. ex: c:\music\file.ram
Play the file.

Now go to ---> View ---> Clip Source

realplayer will open the url
from now realplay.exe will listen on port 1275 TCP

as you can see, real player have a (Mini WebServer) that listen on port 1275

I only tested the ../../ bug

Result: my boot.ini

Vulnerable version: 6.0.7

other version? maybe..

C:\>fport |grep real
Pid       Process       Port      Proto     Path
1964    realplay   ->  1275     TCP      C:\Program

exe () flashmail com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]