Web server vulnerability in Axis Network Cameras, Video Servers and DVRs
From: Axis Product Security (product-security@axis.com)
Date: 12/20/02
- Previous message: Martin Schulze: "[SECURITY] [DSA 214-1] New kdentwork packages fix buffer overflows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 20 Dec 2002 17:22:23 +0100 From: Axis Product Security <product-security@axis.com> To: bugtraq@securityfocus.com
Date: 20 December 2002
1. Topic
Web server vulnerability in Axis Network Cameras, Video Servers and
Network Digital Video Recorders.
2. Description
A potential stack buffer overflow has been found in the authentication
code of the modified version of Boa used in some of the embedded
Linux based Axis products, which may result in DoS attacks, or in a
potential system compromise.
Note: this vulnerability is not present in the official boa distribution
available from <URL:http://www.boa.org/>.
3. Affected products
Axis 2100/2110/2120/2420 Network Camera - Firmware Release 2.33 and
below
Axis 2130 PTZ Network Camera - Firmware Release 2.32
Axis 2400/2401 Video Server - Firmware Release 2.33 and below
Axis 2460 Network DVR - Firmware Release 3.00
Axis 2490 Serial Server - Firmware Release 2.10
Axis 250S MPEG-2 Video Server - Firmware Release 3.01
4. Solution
The part of the authentication code where the buffer overflow may arise
has been corrected and is included in new firmware releases for all
affected products.
5. Releases
Axis 2100 Network Camera (2.33.1)
- ftp://ftp.axis.com/pub_soft/cam_srv/cam_2100/sr/
Axis 2110 Network Camera (2.33.1)
- ftp://ftp.axis.com/pub_soft/cam_srv/cam_2110/sr/
Axis 2120 Network Camera (2.33.1)
- ftp://ftp.axis.com/pub_soft/cam_srv/cam_2120/sr/
Axis 2420 Network Camera (2.33.1)
- ftp://ftp.axis.com/pub_soft/cam_srv/cam_2420/sr/
Axis 2130 PTZ Network Camera (2.32.1)
- ftp://ftp.axis.com/pub_soft/cam_srv/cam_2130/sr/
Axis 2400 Video Server (2.33.1)
- ftp://ftp.axis.com/pub_soft/cam_srv/cam_2400/sr/
Axis 2401 Video Server (2.33.1)
- ftp://ftp.axis.com/pub_soft/cam_srv/cam_2401/sr/
Axis 250S MPEG-2 Video Server (3.02 RC1)
- ftp://ftp.axis.com/pub_soft/cam_srv/cam_250s/release_candidate/3_02/
Axis 2460 Network Digital Video Recorder (3.01)
- ftp://ftp.axis.com/pub_soft/cam_srv/cam_2460/sr/
Axis 2490 Serial Server (2.11.1)
- ftp://ftp.axis.com/pub_soft/cam_srv/cam_2490/sr/
Axis Developer Board LX
Axis Device Server Platform
Axis Developer Board for Bluetooth
- http://developer.axis.com/download/apps/apps-boa-R1_1_19-2_33_2.tgz
6. Acknowledgement
Thanks to D.C. van Moolenbroek (dcvmoole@cs.vu.nl) and M.C. Schrijver
(m.c.schrijver@student.utwente.nl) for disclosing this
vulnerability to Axis Communications AB.
- Next message: Michal Zalewski: "[RAZOR] Problems with mkstemp()"
- Previous message: Martin Schulze: "[SECURITY] [DSA 214-1] New kdentwork packages fix buffer overflows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
