|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: RealServer exposes internal IP addresses
From: tschweikle
FIDUCIA.DEDate: Wed Mar 08 2000 - 05:41:33 CST
- Next message: Eric Chien: "Re: NAI/McAfee Viruscan Engine does not scan .VBS files by default"
- Previous message: Tobias Haustein: "Re: PGP Signatures security BUG!"
- Next in thread: Doug Monroe: "Re: RealServer exposes internal IP addresses"
- Reply: Jay C Austad: "Re: RealServer exposes internal IP addresses"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
RealServer exposes internal IP addresses if requested to
deliver real media files:
62.158.114.150 -> 192.168.13.33 HTTP
GET /ramgen/extern/genoverb/weinkauf.rm HTTP/1.0
192.168.13.33 -> 62.158.114.150 HTTP
(proxy) R port=1210
192.168.13.33 -> 62.158.114.150 HTTP
HTTP/1.0 200 OK
192.168.13.33 -> 62.158.114.150 HTTP
rtsp://192.168.13.33:554/extern/genoverb/weinkauf.rm
The Server is located inside a DMZ. Network-Address
translation is in effect from internet as is from campus.
In my opinion this may be usedfull for an intruder, and
RealNetworks should fix this. I've informed them about
6 weeks ago, calling them again four weeks later, then
14 days ago, but no reaction on there side until now.
-- Thomas
- Next message: Eric Chien: "Re: NAI/McAfee Viruscan Engine does not scan .VBS files by default"
- Previous message: Tobias Haustein: "Re: PGP Signatures security BUG!"
- Next in thread: Doug Monroe: "Re: RealServer exposes internal IP addresses"
- Reply: Jay C Austad: "Re: RealServer exposes internal IP addresses"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]