Secunia Security Advisory 39510

Secunia Security Advisory 39510: Posted Apr 22, 2010; Authored by Secunia | Site secunia.com; Secunia Security Advisory - A vulnerability has been reported in Cisco Small Business Video Surveillance Cameras and Security Routers, which can be exploited by malicious users to bypass certain security restrictions.; tags | advisory; systems | cisco; SHA-256 | 57587ef029c1c7dbd3d3cab5d42565435ec5bbf867f145fa31c6814dea718e15; Download | Favorite | View

Secunia Security Advisory 39510

----------------------------------------------------------------------


  Secunia CSI
+ Microsoft SCCM
-----------------------
= Extensive Patch Management

http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/


----------------------------------------------------------------------

TITLE:
Cisco Small Business Video Surveillance and Security Routers Security
Bypass

SECUNIA ADVISORY ID:
SA39510

VERIFY ADVISORY:
http://secunia.com/advisories/39510/

DESCRIPTION:
A vulnerability has been reported in Cisco Small Business Video
Surveillance Cameras and Security Routers, which can be exploited by
malicious users to bypass certain security restrictions.

The vulnerability exists in the handling of requests to the web-based
management interface, which can be exploited to view the device's
configuration data (e.g. user passwords) via a specially crafted
URL.

Successful exploitation requires "setup" privileges on the WVC200 and
WVC210 models and administrative privileges on the RVS4000 model.

The vulnerability is reported in:
* Cisco PVC2300 Business Internet Video Camera - Audio/PoE
* Cisco WVC200 Wireless-G PTZ Internet Video Camera - Audio
* Cisco WVC210 Wireless-G PTZ Internet Video Camera - 2-way Audio
* Cisco WVC2300 Wireless-G Business Internet Video Camera - Audio
* Cisco RVS4000 4-port Gigabit Security Router

SOLUTION:
Update to the fixed version (please see the vendor's advisories for
details).

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://www.cisco.com/warp/public/707/cisco-sa-20100421-vsc.shtml

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Top Authors In Last 30 Days

Red Hat 217 files
indoushka 135 files
Ubuntu 92 files
Gentoo 33 files
Debian 27 files
Jasper Nota 25 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Google Security Research 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,110)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,913)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,631)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,781)
UNIX (9,441)
UnixWare (187)
Windows (6,676)
Other

Secunia Security Advisory 39510

Secunia Security Advisory 39510

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Secunia Security Advisory 39510

Share This

Secunia Security Advisory 39510

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems