CVE-1999-0896

RealServer G2 - Remote Code Execution via Long Username and Password

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-1999-0896. PoCs published by dark spyrit.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in RealNetworks RealServer G2's web administration feature. It sends a maliciously crafted HTTP request with an overly long 'Authorization' header to overflow the buffer and execute arbitrary code.

Description

Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password.

Exploits (2)

exploitdb WORKING POC VERIFIED

by dark spyrit · cremotewindows

https://www.exploit-db.com/exploits/19593

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in RealNetworks RealServer G2's web administration feature. It sends a maliciously crafted HTTP request with an overly long 'Authorization' header to overflow the buffer and execute arbitrary code.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: RealNetworks RealServer G2

No auth needed

Prerequisites: Network access to the target server · Knowledge of the randomly selected administration port

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by dark spyrit · assemblyremotewindows

https://www.exploit-db.com/exploits/19592

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in RealServer's web administration feature by sending a long authentication response. The shellcode is base64 encoded and designed to execute arbitrary code on the server.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: RealServer (version not specified)

No auth needed

Prerequisites: Network access to the target server · Knowledge of the randomly selected administration port

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/767

Various Sources x_refsource_misc

http://service.real.com/help/faq/servg260.html

Scores

EPSS 0.1281

EPSS Percentile 95.8%

Details

Status published

Products (1)

realnetworks/realserver_g2 1.0

Published Nov 04, 1999

Tracked Since Feb 18, 2026