Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Network Appliances :: nokipso.txt

Nokia IPSO Vulnerability






There is a remote security vulnerability in the Nokia IPSO operating
system.

Anyone with access to the webgui (Voyager) on the Nokia IP-box
can read any file on the system.

For example, login as the user 'monitor' (disabled by default)
and use the readfile.tcl to read any file:

<http://x.x.x.x/cgi-bin/readfile.tcl?file=/etc/master.passwd>

Tested on IPSO 3.6-FCS6


Regards,
Jonas Eriksson
<http://sekure.net>



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH