Master IP CAM version 01 has a hardcoded root password and suffers from multiple unauthenticated access vulnerabilities.
253eee4323841717bf3ffd8d13607ed9
This Metasploit module exploits a vulnerability found in Cisco Linksys PlayerPT 1.0.0.15 as the installed with the web interface of Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera. The vulnerability, due to the insecure usage of sprintf in the SetSource method, when handling a specially crafted sURL argument, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page.
ecab8e56ceac6dddbd1e6960e3f65b68
This Metasploit module exploits a vulnerability found in Cisco Linksys PlayerPT 1.0.0.15 as the installed with the web interface of Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera. The vulnerability, due to the insecure usage of sprintf in the SetSource method, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page.
acdba609d7271195f26d8234afdc02d7
InCoP (Invisible CamOuflage Protocol) enables the communication between secure systems such as NIDS, ideally located in isolated networks. This hybrid daemon is capable of hiding information by learning from the network and, in a second stage, of sending similar traffic in order to hide the messages as a cover channel does.
73d8f1be5b3e618a029f7bcbb5aa1bb2
Secunia Security Advisory - A vulnerability has been reported in the Campaign Monitor module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
a8613438ee41e1dc18fdfed5d5707ebd
Drupal third party module Campaign Monitor versions 6.x-2.x prior to 6.x-2.5 suffer from a cross site scripting vulnerability.
29628b652ae555f8d44729bbbd484cdb
Vivotek Cameras suffer from a configuration disclosure vulnerability that leaks password information.
5e93d9030a49b7716a91b478b42a3d38
Secunia Security Advisory - A vulnerability has been reported in Edimax IC-3030iWn Network Camera, which can be exploited by malicious people to disclose sensitive information.
3f5fb708740b7246cca1c25ebcfd1d30
The ACTi Web Configurator 3.0 for ACTi IP Surveillance Cameras contains a directory traversal vulnerability within the cgi-bin directory. An unauthenticated remote attacker can use this vulnerability to retrieve arbitrary files that are located outside the root of the web server.
532e6e641a0c8ade262cbaa881911f2b
ToorCamp is a five-day open-air event for hackers, makers, breakers, and shakers. ToorCamp is where you get together with the rest of the best in a relaxing, beautiful atmosphere, and exchange ideas with the brightest technology experts from around the world. The camp has everything you need: power, internet, food and fun. Bring your tent, bring a friend ? and get ready to reunite and reignite with really smart people, just like you. It will take place at the Hobuck Beach Resort in Neah Bay, Washington August 8th through the 12th, 2012.
a5151583c0bdbaaf40cc114ed78f4c9b
This Metasploit module exploits a vulnerability found in TRENDnet SecurView Internet Camera's ActiveX control. By supplying a long string of data as the sFilter argument of the OpenFileDlg() function, it is possible to trigger a buffer overflow condition due to WideCharToMultiByte (which converts unicode back to) overwriting the stack more than it should, which results arbitrary code execution under the context of the user.
15d2d978ad455bf415028fd1a31ba6b3
Jogjacamp suffers from a cross site scripting vulnerability.
85152f548afa3c9ff8623eee76e81c49
Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in TRENDnet UltraMJCam ActiveX Control, which can be exploited by malicious people to compromise a user's system.
3b74d61ea1a3844c006f6841ea4f3544
Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Camera Stream Client ActiveX Control, which can be exploited by malicious people to compromise a user's system.
d8ef7b7b7251607b146d2a183d7181fa
The D-Link SecuriCam DCS-5605 Network Surveillance DcsCliCtrl.dll active-x control suffers from a buffer overflow vulnerability. Proof of concept code included.
186fc27b271ab8fae99dc2b6c7e73403
The TRENDnet SecurView TV-IP121WN wireless internet camera UltraMJCam active-x control suffers from an OpenFileDlg() WideCharToMultiByte remote buffer overflow. Proof of concept code included.
bfdc95f34b587a6220c980b11b687525
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT active-x control (PlayerPT.ocx) suffers from a sprintf buffer overflow vulnerability. Version 1.0.0.15 is affected.
730bb028ae282480a4815fc29333f4f2
This Metasploit module exploits a vulnerability in Dell Webcam's CrazyTalk component. Specifically, when supplying a long string for a file path to the BackImage property, an overflow may occur after checking certain file extension names, resulting in remote code execution under the context of the user.
42ff81cf9b2a268c16c81ea33c65e47c
Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Dell Webcam Central, which can be exploited by malicious people to compromise a user's system.
a6c31db7dd0cc5d5c2e403e490fbe2a6
The Dell Webcam software bundled active-x control CrazyTalk4Native.dll suffers from a remote buffer overflow vulnerability.
46a3633162cfd36bb9ad8e41945a01fa
Red Hat Security Advisory 2012-0396-01 - JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. A flaw was found in the way LDAP authentication was handled. If the LDAP bind account credentials became invalid, subsequent log in attempts with any password for user accounts created via LDAP were successful. A remote attacker could use this flaw to log into LDAP-based JBoss ON accounts without knowing the correct passwords.
3e4d1d8f0f8720becbbd9b1a798952da
This Metasploit module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt .mp4 file loaded by Flash, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the "Iran's Oil and Nuclear Situation.doc" phishing campaign.
2626d08c17b93cf4cd5a93c330ea5ab0
WebcamXP and Webcam7 suffer from a directory traversal vulnerability.
01e71e309458623f0fcc3510540188f4
Secunia Security Advisory - A vulnerability has been reported in OCaml, which can be exploited by malicious people to cause a DoS (Denial of Service).
d136e8070ef0dab238f32a50ab6a817e
Secunia Security Advisory - A vulnerability has been reported in Campaign Enterprise, which can be exploited by malicious users to conduct SQL injection attacks.
0203bf2180e610c9039f21be5cd4e782
Campaign Enterprise version 11.0.421 suffers from a remote SQL injection vulnerability.
ec20548ba9402a347c1329c29fcf022c