Home page logo

bugtraq logo Bugtraq mailing list archives

From: ian.vitek () INFOSEC SE (Vitek, Ian)
Date: Mon, 7 Feb 2000 14:01:40 +0100

Infosec Security Vulnerability Report
No: Infosec.20000207.axis700.a

Vulnerability Summary

Problem: Bypassing authentication on Axis 700 Network Scanner;
               By modifying an URL, outsiders can access
               administrator URLs without entering username
               and password.

Threat: Unauthorized access.

Platform: Axis 700 Network Scanner Server
               (Software Version 1.12)

Solution: Non? Se below.

Vulnerability Description
User pages are located under http://server/user/.
The URL to the configuration page is:
This page is password protected. The actual configuration takes place on the
pages linked from this page. By changing the URL to:
gives an outsider access to the configuration page without entering username and
password. The server seems to check access permissions before URL conversion.
The server also decodes %1u to %2e (not a vulnerability).


You will find the latest version on http://www.axis.se/techsup

Best Regards


Nothing says that version 1.14 will fix this vulnerability.

Other information
Infosec recommends everyone to try to access their authorized pages with URLs

Infosec thanks weld at l0pht for the inspiration

//Ian Vitek
ian.vitek () infosec se

Infosec is a Swedish based tigerteam that have worked with computer-related
security since 1982 and done penetration tests and technical revisions since
1996. Infosec is now searching for co-workers. Call Blume on +46-8-6621070 for
more information.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]