[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] [PoC] Nasty bug(s) found in Axis Network Camera/Video Servers

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] [PoC] Nasty bug(s) found in Axis Network Camera/Video Servers
From: bashis <mcw@xxxxxx>
Date: Sun, 22 Aug 2004 18:37:06 +0200 (CEST)

> password issues known to exist..
Yes.

> http://www.google.com/search?hl=en&lr=&ie=UTF-8&newwindow=1&safe=off&q=axis+camera+exploit
>
> http://www.google.com/search?hl=en&lr=&ie=UTF-8&newwindow=1&safe=off&q=axis+camera+vulnerability
> 
> or...
> http://www2.corest.com/common/showdoc.php?idx=329&idxseccion=10
> http://www.securityfocus.com/bid/3640/exploit/
Not the same stuff..

'axis-wh00t.sh' adding a new user 'wh00t' with password 'wh00t' with Admin
priviliges, as anonymous viewer. No matter what password root have.

Read it, try it, understand it, before useless postings..

> >To: security@xxxxxxxx
> >Date: Mon, 16 Aug 2004 22:48:38 +0200 (CEST)
> 
> try the contact page?
> http://www.axis.com/corporate/contact.htm

No mailer-daemon received on 'security@xxxxxxxx' post.

Have a nice day
/bashis

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] [PoC] Nasty bug(s) found in Axis Network Camera/Video Servers
  - From: morning_wood

Prev by Date: RE: [Full-Disclosure] The 'good worm' from HP
Next by Date: Re: [Full-Disclosure] [PoC] Nasty bug(s) found in Axis Network Camera/Video Servers
Previous by thread: Re: [Full-Disclosure] [PoC] Nasty bug(s) found in Axis Network Camera/Video Servers
Next by thread: Re: [Full-Disclosure] [PoC] Nasty bug(s) found in Axis Network Camera/Video Servers
Index(es):
- Date
- Thread