ID

VAR-200511-0357


CVE

CVE-2005-3490


TITLE

Asus VideoSecurity WEB Server Directory Traversal Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200511-116

DESCRIPTION

Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allows remote attackers to read arbitrary files via "../" or "..\" sequences in the URL.

Asus VideoSecurity Online is prone to a directory traversal vulnerability. Exploitation could allow a remote attacker to obtain sensitive information that could be used to mount further attacks. The Web server included with Asus VideoSecurity Online is not enabled by default. This vulnerability is reported to affect Asus VideoSecurity Online 3.5.0 and earlier. VideoSecurity is a powerful video surveillance software.

TITLE: Asus VideoSecurity Online Two Vulnerabilities
SECUNIA ADVISORY ID: SA17419
VERIFY ADVISORY: http://secunia.com/advisories/17419/
CRITICAL: Moderately critical
IMPACT: Unknown, Exposure of sensitive information
WHERE: From remote
SOFTWARE: Asus VideoSecurity Online 3.x http://secunia.com/product/6043/

DESCRIPTION: Luigi Auriemma has reported two vulnerabilities in Asus VideoSecurity Online, where one has an unknown impact, and the other can be exploited by malicious people to disclose sensitive information.

1) A boundary error in the authorisation handling can be exploited to cause a buffer overflow by sending a specially crafted request to the web server.

2) An input validation error in the request handling can be exploited to disclose the content of arbitrary files via directory traversal attacks.

The vulnerabilities have been reported in version 3.5.0.0 and prior. Other versions may also be affected.

SOLUTION: Disable the built-in web server.
PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma
ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/asusvsbugs-adv.txt

Trust: 1.35

sources: NVD: CVE-2005-3490 // BID: 15281 // VULHUB: VHN-14699 // PACKETSTORM: 41249

AFFECTED PRODUCTS

vendor: asus, model: video security online, scope: lte, version: 3.5.0.0

Trust: 1.0

vendor: asus, model: video security online, scope: eq, version: 3.5.0.0

Trust: 0.6

vendor: asus, model: videosecurity online, scope: eq, version: 3.5

Trust: 0.3

sources: BID: 15281 // CNNVD: CNNVD-200511-116 // NVD: CVE-2005-3490

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-3490
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200511-116
value: MEDIUM

Trust: 0.6

VULHUB: VHN-14699
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2005-3490
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-14699
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-14699 // CNNVD: CNNVD-200511-116 // NVD: CVE-2005-3490

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3490

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200511-116

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-200511-116

EXTERNAL IDS

db: BID, id: 15281

Trust: 2.0

db: SECUNIA, id: 17419

Trust: 1.8

db: NVD, id: CVE-2005-3490

Trust: 1.7

db: CNNVD, id: CNNVD-200511-116

Trust: 0.7

db: FULLDISC, id: 20051102 BUFFER-OVERFLOW AND DIRECTORY TRAVERSAL IN ASUS

Trust: 0.6

db: VULHUB, id: VHN-14699

Trust: 0.1

db: PACKETSTORM, id: 41249

Trust: 0.1

sources: VULHUB: VHN-14699 // BID: 15281 // PACKETSTORM: 41249 // CNNVD: CNNVD-200511-116 // NVD: CVE-2005-3490

REFERENCES

url:http://aluigi.altervista.org/adv/asusvsbugs-adv.txt

Trust: 1.8

url:http://www.securityfocus.com/bid/15281

Trust: 1.7

url:http://secunia.com/advisories/17419

Trust: 1.7

url:http://marc.info/?l=full-disclosure&m=113096055302614&w=2

Trust: 1.0

url:http://marc.theaimsgroup.com/?l=full-disclosure&m=113096055302614&w=2

Trust: 0.6

url:http://www.asus.com/products1.aspx?l1=2&share=icon/12

Trust: 0.3

url:/archive/1/415640

Trust: 0.3

url:http://marc.info/?l=full-disclosure&m=113096055302614&w=2

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/17419/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/product/6043/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-14699 // BID: 15281 // PACKETSTORM: 41249 // CNNVD: CNNVD-200511-116 // NVD: CVE-2005-3490

CREDITS

Discovery is credited to Luigi Auriemma <aluigi@autistici.org>.

Trust: 0.9

sources: BID: 15281 // CNNVD: CNNVD-200511-116

SOURCES

db: VULHUB, id: VHN-14699
db: BID, id: 15281
db: PACKETSTORM, id: 41249
db: CNNVD, id: CNNVD-200511-116
db: NVD, id: CVE-2005-3490

LAST UPDATE DATE

2024-08-14T14:42:12.606000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-14699, date: 2016-10-18T00:00:00
db: BID, id: 15281, date: 2005-11-02T00:00:00
db: CNNVD, id: CNNVD-200511-116, date: 2005-11-15T00:00:00
db: NVD, id: CVE-2005-3490, date: 2016-10-18T03:35:50.090

SOURCES RELEASE DATE

db: VULHUB, id: VHN-14699, date: 2005-11-04T00:00:00
db: BID, id: 15281, date: 2005-11-02T00:00:00
db: PACKETSTORM, id: 41249, date: 2005-11-03T23:53:58
db: CNNVD, id: CNNVD-200511-116, date: 2005-11-03T00:00:00
db: NVD, id: CVE-2005-3490, date: 2005-11-04T00:02:00