OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: [NEWS] Vulnerability in CamShot server (Authorization)
From: Aviram Jenik (aviramBEYONDSECURITY.COM)
Date: Fri Sep 15 2000 - 06:58:28 CDT


The following security advisory is sent to the securiteam mailing list, and
can be found at the SecuriTeam web site: http://www.securiteam.com

Vulnerability in CamShot server (Authorization)
----------------------------------------------------------------------------

SUMMARY

CamShot is a web server that serves up web pages containing time stamped
images captured from a video camera. This product contains a remotely
exploitable security vulnerability that allows a remote attacker to gain
elevated privileges on the remote system.

DETAILS

Vulnerable Versions:
CamShot 2.6 trial version ( <http://broadgun.com/camsht26.exe> )

Example:

GET / HTTP/1.1<enter>
Authorization: Basic ['a'x325]<enter><enter>

Since the server crashes in a way that enables attackers to execute
arbitrary code, this vulnerability is quite dangerous.

Vendor:
Vendor has been contacted Saturday, August 26, 2000. No response has been
received.

ADDITIONAL INFORMATION

The security hole was discovered by <mailto:expertsecuriteam.com> Beyond
Security's SecuriTeam.

====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any
kind.
In no event shall we be liable for any damages whatsoever including direct,
indirect, incidental, consequential, loss of business profits or special
damages.
====================

--
Aviram Jenik
Beyond Security Ltd.
http://www.BeyondSecurity.com
http://www.SecuriTeam.com