[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Vulnerability in CamShot server (Authorization)

Title: Vulnerability in CamShot server (Authorization)
Released by: SecuriTeam
Date: 15th September 2000
Printable version: Click here
Vulnerability in CamShot server (Authorization)



CamShot is a web server that serves up web pages containing time stamped

images captured from a video camera. This product contains a remotely

exploitable security vulnerability that allows a remote attacker to gain

elevated privileges on the remote system.


Vulnerable Versions:

CamShot 2.6 trial version ( <http://broadgun.com/camsht26.exe> )


GET / HTTP/1.1

Authorization: Basic ['a'x325]

Since the server crashes in a way that enables attackers to execute

arbitrary code, this vulnerability is quite dangerous.


Vendor has been contacted Saturday, August 26, 2000. No response has been



The security hole was discovered by   Beyond

Security's SecuriTeam.



The information in this bulletin is provided "AS IS" without warranty of any


In no event shall we be liable for any damages whatsoever including direct,

indirect, incidental, consequential, loss of business profits or special



(C) 1999-2000 All rights reserved.