Subject: [NEWS] Vulnerability in CamShot server (Authorization)
From: Aviram Jenik (aviram BEYONDSECURITY.COM)
Date: Fri Sep 15 2000 - 06:58:28 CDT
The following security advisory is sent to the securiteam mailing list, and
can be found at the SecuriTeam web site: http://www.securiteam.com
Vulnerability in CamShot server (Authorization)
----------------------------------------------------------------------------
SUMMARY
CamShot is a web server that serves up web pages containing time-stamped
images captured from a video camera. This product contains a remotely
exploitable security vulnerability that allows a remote attacker to gain
elevated privileges on the remote system.
DETAILS
Vulnerable Versions:
CamShot 2.6 trial version ( <http://broadgun.com/camsht26.exe> )
Example:
GET / HTTP/1.1<enter>
Authorization: Basic ['a'x325]<enter><enter>
Since the server crashes in a way that enables attackers to execute
arbitrary code, this vulnerability is quite dangerous.
Vendor:
The vendor was contacted on Saturday, August 26, 2000. No response has been
received.
ADDITIONAL INFORMATION
The security hole was discovered by Beyond Security's SecuriTeam
<mailto:expert securiteam.com>.
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any
kind.
In no event shall we be liable for any damages whatsoever including direct,
indirect, incidental, consequential, loss of business profits or special
damages.
====================
--
Aviram Jenik
Beyond Security Ltd.
http://www.BeyondSecurity.com
http://www.SecuriTeam.com