RealServer Memory Contents Disclosure Vulnerability
BID:1957
Info
| Bugtraq ID: | 1957 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Nov 16 2000 12:00AM |
| Updated: | Nov 16 2000 12:00AM |
| Credit: | This vulnerability was first reported to Bugtraq by Core-SDI <[email protected]> on November 16, 2000. |
| Vulnerable: | RealNetworks Real Server 7.0 RealNetworks Real Server 6.0 x RealNetworks Real Server 5.0 |
| Not Vulnerable: | |
Discussion
RealServer is a popular streaming audio and video server from Real Networks.
A vulnerability exists in all versions of RealServer 7 and below that could allow a remote attacker to gain administrative rights and access to server information and data belonging to other user sessions. RealServer will return random pieces of the server's runtime memory, which may contain information on previous sessions, including cookies, usernames, passwords and the port number where the administrative server listens. This can be achieved by passing a specific URL request to the server.
Exploit / POC
To gather exploitable information from the RealServer, issue the following URL request to the server:
http://targetserver/admin/includes/
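A log check a defender could run to see whether this request has reached a server, as an added example that is not part of the original advisory. It assumes access logs in Common Log Format (for instance from a proxy in front of the admin port); the function names and sample lines are constructed for illustration.

```python
import posixpath
import re
from urllib.parse import unquote

# Request path given in the advisory, without the trailing slash.
ADVISORY_PATH = posixpath.normpath("/admin/includes/")  # "/admin/includes"

# Assumption: Common Log Format, e.g. from a proxy in front of the admin port.
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) (\S+)')

def normalize(target):
    """Canonicalize a request target so padded or encoded spellings compare equal."""
    # Strip scheme and host from absolute-form targets.
    path = re.sub(r"^[a-z][a-z0-9+.-]*://[^/]*", "", target, flags=re.I)
    path = path.split("?", 1)[0]          # drop the query before decoding
    for _ in range(2):                    # tolerate one level of double encoding
        path = unquote(path)
    path = re.sub(r"/+", "/", path.replace("\\", "/"))
    # Lowercasing is a conservative choice; the server's case handling is not stated.
    return posixpath.normpath(path).lower()

def find_probes(lines):
    """Return (client, time, status, size) for requests that resolve to the advisory path."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue                      # skip lines in another format
        client, when, _method, target, status, size = m.groups()
        # Only the directory itself matches, not files served from under it.
        if normalize(target) == ADVISORY_PATH:
            hits.append((client, when, int(status), size))
    return hits

# Constructed sample lines using documentation addresses, not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [16/Nov/2000:10:01:02 +0000] "GET /admin/index.html HTTP/1.0" 401 312',
    '198.51.100.7 - - [16/Nov/2000:10:02:11 +0000] "GET /admin/includes/ HTTP/1.0" 200 4096',
    '198.51.100.7 - - [16/Nov/2000:10:02:12 +0000] "GET /Admin//%69ncludes/ HTTP/1.0" 200 4096',
    '203.0.113.5 - - [16/Nov/2000:10:03:40 +0000] "GET /admin/includes/header.html HTTP/1.0" 200 980',
    '203.0.113.9 - - [16/Nov/2000:10:04:00 +0000] "GET /ramgen/clip.rm HTTP/1.0" 200 120',
]

if __name__ == "__main__":
    for client, when, status, size in find_probes(SAMPLE_LOG):
        print(f"{when} {client} requested {ADVISORY_PATH}/ -> {status}, {size} bytes")
```

A 200 response to this request from an unpatched server means the reply may have carried the session data the advisory lists, so treat credentials in use at that time as exposed.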
Solution / Fix
Solution:
Real Networks has released upgrades for RealServer 7 on various platforms that are affected by this vulnerability. If you are currently running RealServer 6.0 or earlier, please contact the Customer Service group at [email protected] or (206) 674-2651 for further upgrade information.
RealNetworks Real Server 7.0
- Real Networks g2_7_0update2-intel-nt.exe
  http://docs.real.com/docs/server_703_dos/g2_7_0update2-intel-nt.exe
- Real Networks g2_7_0update2-irix-6_2_servinst.bin
  http://docs.real.com/docs/server_703_dos/g2_7_0update2-irix-6_2_servinst.bin
- Real Networks g2_7_0update2-irix-6_5_servinst.bin
  http://docs.real.com/docs/server_703_dos/g2_7_0update2-irix-6_5_servinst.bin
- Real Networks g2_7_0update2-linux-c6.bin
  http://docs.real.com/docs/server_703_dos/g2_7_0update2-linux-c6.bin
- Real Networks g2_7_0update2-solaris-2_6.bin
  http://docs.real.com/docs/server_703_dos/g2_7_0update2-solaris-2_6.bin
- Real Networks g2_7_0update2-solaris-2_7.bin
  http://docs.real.com/docs/server_703_dos/g2_7_0update2-solaris-2_7.bin
- Real Networks g2_7_0update2-solaris-2_8.bin
  http://docs.real.com/docs/server_703_dos/g2_7_0update2-solaris-2_8.bin
- Real Networks g2_7_0update2-unixware-7_0_1_servinst.bin
  http://docs.real.com/docs/server_703_dos/g2_7_0update2-unixware-7_0_1_servinst.bin
- Real Networks g2_7_0update2-unixware-7_1_0_servinst.bin
  http://docs.real.com/docs/server_703_dos/g2_7_0update2-unixware-7_1_0_servinst.bin
- Real Networks g2_7_0update2-unixware-7_1_1_servinst.bin
  http://docs.real.com/docs/server_703_dos/g2_7_0update2-unixware-7_1_1_servinst.bin
- Real Networks v70_freebsd-3.0-i386_servinst.bin
  http://docs.real.com/docs/server_703_dos/v70_freebsd-3.0-i386_servinst.bin
References
References:
- Real Networks Support: Security Issues (Real Networks)