Master IP CAM version 01 has a hardcoded root password and suffers from multiple unauthenticated access vulnerabilities.
1b7b16dc033365ff3162c79dfd711a78130a165f689c53737f95802789f1b521
This Metasploit module exploits a vulnerability found in Cisco Linksys PlayerPT 1.0.0.15 as the installed with the web interface of Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera. The vulnerability, due to the insecure usage of sprintf in the SetSource method, when handling a specially crafted sURL argument, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page.
5a88ff9a13dc712f648150200591ec804a09cb0631600c4db7449f3c17604a4b
This Metasploit module exploits a vulnerability found in Cisco Linksys PlayerPT 1.0.0.15 as the installed with the web interface of Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera. The vulnerability, due to the insecure usage of sprintf in the SetSource method, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page.
2dfadd85c9c6ae2a3b6dbc4fd0a0377aac24947c5d90300dbf9bd50e9aa7ebe9
InCoP (Invisible CamOuflage Protocol) enables the communication between secure systems such as NIDS, ideally located in isolated networks. This hybrid daemon is capable of hiding information by learning from the network and, in a second stage, of sending similar traffic in order to hide the messages as a cover channel does.
c768e433735d4d709fc03347480e852525e812532fc5d8ba45ee91d978044d24
Secunia Security Advisory - A vulnerability has been reported in the Campaign Monitor module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
4cc6d2225fa3b10d157826f31126c15c92831ba5c55771ed210fbcebd5efd142
Drupal third party module Campaign Monitor versions 6.x-2.x prior to 6.x-2.5 suffer from a cross site scripting vulnerability.
fcf698f74e9bd805c5289afb6e0ad89ddcb88901f7884f93b45a0a3a837ab1eb
Vivotek Cameras suffer from a configuration disclosure vulnerability that leaks password information.
d058e2a1787927c136f919f18b911e8101c71269a4d32b051967630ea19ce337
Secunia Security Advisory - A vulnerability has been reported in Edimax IC-3030iWn Network Camera, which can be exploited by malicious people to disclose sensitive information.
f4cd0de086ff9f40c210133d0848e3f36873522b32307d11c836b710be647608
The ACTi Web Configurator 3.0 for ACTi IP Surveillance Cameras contains a directory traversal vulnerability within the cgi-bin directory. An unauthenticated remote attacker can use this vulnerability to retrieve arbitrary files that are located outside the root of the web server.
cd526d96e19262e3b3c0e25617019f84a594ac02d555f92b3a0491802618f9b0
ToorCamp is a five-day open-air event for hackers, makers, breakers, and shakers. ToorCamp is where you get together with the rest of the best in a relaxing, beautiful atmosphere, and exchange ideas with the brightest technology experts from around the world. The camp has everything you need: power, internet, food and fun. Bring your tent, bring a friend ? and get ready to reunite and reignite with really smart people, just like you. It will take place at the Hobuck Beach Resort in Neah Bay, Washington August 8th through the 12th, 2012.
3ab8ae04cdb392e8cde6a855fe0321cfdb2744923dd3c58966ac7e044efc4d60
This Metasploit module exploits a vulnerability found in TRENDnet SecurView Internet Camera's ActiveX control. By supplying a long string of data as the sFilter argument of the OpenFileDlg() function, it is possible to trigger a buffer overflow condition due to WideCharToMultiByte (which converts unicode back to) overwriting the stack more than it should, which results arbitrary code execution under the context of the user.
dbd0c9ab83279260de0fbf18041f491375843cf365e6a1c3874208c117b871ef
Jogjacamp suffers from a cross site scripting vulnerability.
3147ee47d9ced5d677c07167d08d56a086eb813bcbb26c507ecba32c48c3c6e5
Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in TRENDnet UltraMJCam ActiveX Control, which can be exploited by malicious people to compromise a user's system.
d232e8935e3373309b56ab8fbad2bb22548f62f8d9e9ac48fea9f8f5defc153a
Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Camera Stream Client ActiveX Control, which can be exploited by malicious people to compromise a user's system.
0f4504cc49e35bf338bc479bad45e5714cbb5312754432f200fd859dc09d41e8
The D-Link SecuriCam DCS-5605 Network Surveillance DcsCliCtrl.dll active-x control suffers from a buffer overflow vulnerability. Proof of concept code included.
1edd0a6afe6d31147b097c2127b64cc9e88a0013161e4c6fafa7d291d19e8ba8
The TRENDnet SecurView TV-IP121WN wireless internet camera UltraMJCam active-x control suffers from an OpenFileDlg() WideCharToMultiByte remote buffer overflow. Proof of concept code included.
a1448bcd0d8740d3db37283f486bc15f2158a7b7818ccafbfc0569b5d3cb8984
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT active-x control (PlayerPT.ocx) suffers from a sprintf buffer overflow vulnerability. Version 1.0.0.15 is affected.
3933dd1431da4c063e62908b6d60cf61accefadfda1561e952bfa4c9d5163a86
This Metasploit module exploits a vulnerability in Dell Webcam's CrazyTalk component. Specifically, when supplying a long string for a file path to the BackImage property, an overflow may occur after checking certain file extension names, resulting in remote code execution under the context of the user.
c9f9dfe042de7f5d659677f6a10aa38d77f8bd3e8e047325d2dceb11e6f8874c
Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Dell Webcam Central, which can be exploited by malicious people to compromise a user's system.
66db5b09e29e9cef90b64187179f01dcb147da69964aa4b9278638837a67ea71
The Dell Webcam software bundled active-x control CrazyTalk4Native.dll suffers from a remote buffer overflow vulnerability.
4602832995fbcf6a2ccdc7e3b461f2c912eb866acd281ca2f1041eff63882cc0
Red Hat Security Advisory 2012-0396-01 - JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. A flaw was found in the way LDAP authentication was handled. If the LDAP bind account credentials became invalid, subsequent log in attempts with any password for user accounts created via LDAP were successful. A remote attacker could use this flaw to log into LDAP-based JBoss ON accounts without knowing the correct passwords.
145fc959fbc7cc8bfb9b7e7eccef6c448ffafe94e95ffa18be3f080b0c3cbf48
This Metasploit module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt .mp4 file loaded by Flash, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the "Iran's Oil and Nuclear Situation.doc" phishing campaign.
bc712e2a0634304709e04fab0e0b399f87ad8994ef78b54e906ba338a89de632
WebcamXP and Webcam7 suffer from a directory traversal vulnerability.
d8deb6afe4f219e4e760d3a7e556e9078532191fa12d6a586fda9d318e44c4fa
Secunia Security Advisory - A vulnerability has been reported in OCaml, which can be exploited by malicious people to cause a DoS (Denial of Service).
e72fa6518578bdc435ab20d1c4fd5806e8bc2a704b1ec39f6375f5998435c4f9
Secunia Security Advisory - A vulnerability has been reported in Campaign Enterprise, which can be exploited by malicious users to conduct SQL injection attacks.
3ce42bdb5f60e8ad47a6fed415c8988e58fa4af143f71d54c28015e96c991dec
Campaign Enterprise version 11.0.421 suffers from a remote SQL injection vulnerability.
a6e7c8d4760e5b9abb987effc8b747e80986605d0bf70dbc3709453031e5931f