Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.813446
Kategorie:Web application abuses
Titel:Axis Network Camera Multiple Vulnerabilities-June18
Zusammenfassung:Axis Network Cameras is prone to multiple vulnerabilities.
Beschreibung:Summary:
Axis Network Cameras is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- Requests to a world-readable file that are followed by a backslash and end
with the '.srv' extension (e.g. http://example.com/index.html/a.srv) are treated
by the authorization code as standard requests to the index.html and thus
granted access, while the requests are also treated as legitimate requests to
an .srv path, and are thus handled by the .srv handler, simultaneously.

- Legitimate requests that reach /bin/ssid's .srv functionality can choose one
of several actions by setting the action parameter in the query-string of the
request. One possible action is dbus, which allows the user to invoke any
dbus request as root, without any restriction on the destination or content.
Authorization mechanism that is intended to limit dbus request, PolicyKit, is
configured to automatically grant access to requests originating from the root
user.

- The 'parhand ShellParser' does not sanitize special shell characters and also
does not quote the parameter's values. Some of these parameters end up in
configuration files in shell variable assignment format. These parameters are
later used by shell init-scripts which run as a result of the setter command,
that is executed when applying a new value for a parameter by running the
sync command.

- Insufficient sanitation of input passed via 'PATH_INFO' that ends with the
'.srv' extension to a '.cgi' script.

- Insufficient sanitation of 'return_page' and 'servermanager_return_page
query-string parameters in /bin/ssid's .srv functionality.

- An error in the 'libdbus-send.so' shared object triggered due to insufficient
sanitation for crafted dbus-requests.

- Insufficient sanitation of crafted command that can result in a code path
that calls the UND undefined ARM instruction.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to bypass the web-server's authorization mechanism, conduct shell
command injections, crash the httpd process, gain access to sensitive
information, crash '/bin/ssid' process and get unrestricted dbus access for
users of the '.srv' functionality.

Affected Software/OS:
Axis IP Cameras with more than 390 models are
affected. Please see the references for a complete list.

Solution:
Upgrade to latest firmware available from
vendor. Please see the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-10658
Common Vulnerability Exposure (CVE) ID: CVE-2018-10659
Common Vulnerability Exposure (CVE) ID: CVE-2018-10660
Common Vulnerability Exposure (CVE) ID: CVE-2018-10661
Common Vulnerability Exposure (CVE) ID: CVE-2018-10662
Common Vulnerability Exposure (CVE) ID: CVE-2018-10663
Common Vulnerability Exposure (CVE) ID: CVE-2018-10664
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.