Hi!
RealServer exposes internal IP addresses if requested to
deliver real media files:
62.158.114.150 -> 192.168.13.33 HTTP
GET /ramgen/extern/genoverb/weinkauf.rm HTTP/1.0
192.168.13.33 -> 62.158.114.150 HTTP
(proxy) R port=1210
192.168.13.33 -> 62.158.114.150 HTTP
HTTP/1.0 200 OK
192.168.13.33 -> 62.158.114.150 HTTP
rtsp://192.168.13.33:554/extern/genoverb/weinkauf.rm
The Server is located inside a DMZ. Network-Address
translation is in effect from internet as is from campus.
In my opinion this may be usedfull for an intruder, and
RealNetworks should fix this. I've informed them about
6 weeks ago, calling them again four weeks later, then
14 days ago, but no reaction on there side until now.
--
Thomas
