Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0240

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0240
Last Modified 05 Sep 2008 04:33:50
Published 09 Jun 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0240

Summary

The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).

Vulnerable Systems


References

CERT-VN - VU#799060

XF - axis-admin-authentication-bypass(12104)

BID - 7652

SECTRACK - 1006854

SECUNIA - 8876

OSVDB - 4804

MISC - http://www.coresecurity.com/common/showdoc.php?idx=329&idxseccion=10

BUGTRAQ - 20030527 CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass


Last Updated: 27 May 2016 10:37:50