ID
VAR-200302-0055
TITLE
Axis Communications Video Server Command.CGI File Creation Vulnerability
Trust: 0.3
sources:
BID: 6987
DESCRIPTION
It has been reported that the Axis Video Servers do not properly handle input to the 'command.cgi' script. Because of this, an attacker may be able to create arbitrary files that would result in a denial of service, or potentially command execution.
Trust: 0.3
sources:
BID: 6987
AFFECTED PRODUCTS
vendor: | axis | model: | communications network camera | scope: | eq | version: | 24202.33 | Trust: 0.3 |
vendor: | axis | model: | communications network camera | scope: | eq | version: | 24202.32 | Trust: 0.3 |
vendor: | axis | model: | communications network camera | scope: | eq | version: | 24202.31 | Trust: 0.3 |
vendor: | axis | model: | communications network camera | scope: | eq | version: | 24202.12 | Trust: 0.3 |
vendor: | axis | model: | communications video server | scope: | eq | version: | 24012.33 | Trust: 0.3 |
vendor: | axis | model: | communications video server | scope: | eq | version: | 24012.32 | Trust: 0.3 |
vendor: | axis | model: | communications video server | scope: | eq | version: | 24012.31 | Trust: 0.3 |
vendor: | axis | model: | communications video server | scope: | eq | version: | 24012.20 | Trust: 0.3 |
vendor: | axis | model: | communications video server | scope: | eq | version: | 24002.33 | Trust: 0.3 |
vendor: | axis | model: | communications video server | scope: | eq | version: | 24002.32 | Trust: 0.3 |
vendor: | axis | model: | communications video server | scope: | eq | version: | 24002.31 | Trust: 0.3 |
vendor: | axis | model: | communications video server | scope: | eq | version: | 24002.20 | Trust: 0.3 |
vendor: | axis | model: | communications ptz network camera | scope: | eq | version: | 21302.32 | Trust: 0.3 |
sources:
BID: 6987
THREAT TYPE
network
Trust: 0.3
sources:
BID: 6987
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 6987
EXTERNAL IDS
db: | BID | id: | 6987 | Trust: 0.3 |
sources:
BID: 6987
REFERENCES
url: | http://www.axis.com/products/camera_servers/index.htm | Trust: 0.3 |
url: | /archive/1/316184 | Trust: 0.3 |
url: | /archive/1/313485 | Trust: 0.3 |
sources:
BID: 6987
CREDITS
Discovery credited to Martin Eiszner <martin@websec.org>.
Trust: 0.3
sources:
BID: 6987
SOURCES
db: | BID | id: | 6987 |
LAST UPDATE DATE
2022-05-17T01:46:09.985000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 6987 | date: | 2003-02-28T00:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 6987 | date: | 2003-02-28T00:00:00 |