CVE-2000-1181
published 2001-01-09CVE-2000-1181: Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by…
PriorityP425medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
7.85%
94.0th percentile
Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by accessing the /admin/includes/ URL.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| realnetworks | realserver | — | — |
| realnetworks | realserver | — | — |
| realnetworks | realserver | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-88g6-h8fq-4gqq: Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive inform
ghsa_unreviewed·2022-04-30
CVE-2000-1181 [MEDIUM] GHSA-88g6-h8fq-4gqq: Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive inform
Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by accessing the /admin/includes/ URL.
Juniper
CVE-2008-1181: Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows remote attackers to obtain sensitive information via a direct request for remediate.cg
vendor_juniper·2008-03-06·CVSS 5.0
CVE-2008-1181 [MEDIUM] CWE-200 CVE-2008-1181: Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows remote attackers to obtain sensitive information via a direct request for remediate.cg
CVE-2008-1181: Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows remote attackers to obtain sensitive information via a direct request for remediate.cgi without certain parameters, which reveals the path in an "Execute failed" error message.
No detection rules found.
Exploit-DB
Juniper Networks Secure Access 2000 Web - Root Full Path Disclosure
exploitdb·2008-02-28
CVE-2008-1181 Juniper Networks Secure Access 2000 Web - Root Full Path Disclosure
Juniper Networks Secure Access 2000 Web - Root Full Path Disclosure
---
source: https://www.securityfocus.com/bid/28037/info
Juniper Networks Secure Access 2000 is prone to a path-disclosure vulnerability.
Exploiting this issue can allow an attacker to access sensitive data that may be used to launch further attacks.
Secure Access 2000 5.5R1 Build 11711 is vulnerable; other versions may also be affected.
https://www.example.com/dana-na/auth/remediate.cgi?action=&step=preauth
https://www.example.com/dana-na/auth/remediate.cgi?step=preauth
Exploit-DB
RealServer 5.0/6.0/7.0 - Memory Contents Disclosure
exploitdb·2000-11-16
CVE-2000-1181 RealServer 5.0/6.0/7.0 - Memory Contents Disclosure
RealServer 5.0/6.0/7.0 - Memory Contents Disclosure
---
source : https://www.securityfocus.com/bid/1957/info
RealServer is a popular streaming audio and video server from Real Networks.
A vulnerability exists in all versions of RealServer 7 and below that could allow a remote attacker to gain administrative rights and access to server information and data belonging to other user sessions. RealServer will pass random pieces of the server's runtime memory which may contain information on previous sessions including cookies, usernames, passwords and the port number where the administrative server listens. This can be achieved by passing a specific URL request to the server.
To gather exploitable information from the RealServer, issue the following URL request to the server:
http://tar
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2000-11/0236.htmlhttp://service.real.com/help/faq/security/memory.htmlhttp://www.securityfocus.com/bid/1957https://exchange.xforce.ibmcloud.com/vulnerabilities/5538http://archives.neohapsis.com/archives/bugtraq/2000-11/0236.htmlhttp://service.real.com/help/faq/security/memory.htmlhttp://www.securityfocus.com/bid/1957https://exchange.xforce.ibmcloud.com/vulnerabilities/5538
2001-01-09
Published