Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Servers :: camshot1.htm

CamShot server 2.6 trial version elevated privileges



Vulnerability

    CamShot

Affected

    CamShot server 2.6 trial version

Description

    Aviram Jenik found following.  CamShot is a web server that serves
    up web pages containing time stamped images captured from a  video
    camera.   This product  contains a  remotely exploitable  security
    vulnerability  that  allows  a  remote  attacker  to gain elevated
    privileges on the remote system.  Example:

        GET / HTTP/1.1<enter>
        Authorization: Basic ['a'x325]<enter><enter>

    Since  the  server  crashes  in  a  way  that enables attackers to
    execute arbitrary code, this vulnerability is quite dangerous.

Solution

    Vendor has been contacted Saturday, August 26, 2000.  No  response
    has been received.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH