Home page logo

bugtraq logo Bugtraq mailing list archives

Re: RealPlayer bug
From: "obscure" <obscure () eyeonsecurity net>
Date: Mon, 4 Mar 2002 23:15:25 +0100

Granted that it listens to localhost only, it could still be a huge problem
depending on the configuration of the server. For example the server could
running a proxy and at the same time have realplayer on.

Therefore an attacker would connect to the Proxy and bounce from there to

I do not run realplayer at the moment so this is all hypothetical.

 Obscure - http://eyeonsecurity.net

----- Original Message -----
From: "Michiel Heijkoop" <myself () mhil net>
To: <bugtraq () securityfocus com>
Sent: Sunday, March 03, 2002 10:17 PM
Subject: Re: RealPlayer bug


On Sat, Mar 02, 2002 at 09:16:53PM +0300, ┬žome1 wrote:
from now realplay.exe will listen on port 1275 TCP
As the URL indicates, it's well possible that the webserver only listens
to, which wouldn't make it a large security risk, unless its ran
on an NT-machine under an admin-account and accessed by a regular user,
which could then have read-access to files, he/she shouldn't have it to.
Perhaps someone with Realplayer installed can check wether this miniserver
is binding to all interfaces, or just the loopback?

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]