We found multiple vulnerabilities on Axis 2100 IP cameras affecting both
old firmware versions and the latest firmware (2.43).
The research is made of two components: a purple paper and a video. The
research doesn't just cover boring PoCs, but actual Hollywood-style
exploits :-) . Yes, this includes the classic attack in which the
legitimate video stream gets replaced by another stream that keeps
looping forever!
Why am I posting this to the webappsec mail list? Because the exploits
covered attack the web interface of these IP cameras.
More info can be found on:
http://www.procheckup.com/Vulnerability_2007.php
Regards,
AP.
-------------------------------------------------------------------------
Sponsored by: Watchfire
The Twelve Most Common Application-level Hack Attacks
Hackers continue to add billions to the cost of doing business online
despite security executives' efforts to prevent malicious attacks. This
whitepaper identifies the most common methods of attacks that we have seen,
and outlines a guideline for developing secure web applications.
Download today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008rSe
--------------------------------------------------------------------------
Received on Sep 27 2007
Intro
