TANDBERG Video Communication Server 4.2.1/4.3.0 – Multiple Remote Vulnerabilities

Exploit Database
119 阅读

作者： Jon Hart

日期： 2010-04-12
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/33832/

source: https://www.securityfocus.com/bid/39389/info

TANDBERG Video Communication Server is prone to multiple remote vulnerabilities, including:

1. A file-disclosure vulnerability.

2. A security vulnerability that may allow attackers to conduct server impersonation and man-in-middle attacks.

3. An authentication-bypass vulnerability.

An attacker can exploit these issues to gain unauthorized access to the affected device and to gain access to sensitive information. Other attacks are also possible.

Firmware versions prior to TANDBERG Video Communication Server 5.1.1 are vulnerable.

https://www.example.com/helppage.php?page=../../../../etc/passwd%00

last Exploits
TANDBERG Video Communication Server 4.2.1/4.3.0 – Multiple Remote Vulnerabilities的更多信息

Mambo Component ‘com_acnews’ – ‘id’ SQL Injection：
CentOS Web Panel 0.9.8.793 (Free) / v0.9.8.753 (Pro) / 0.9.8.807 (Pro) – Domain Field (Add DNS Zone) Cross-Site Scripting：
Netartmedia iBoutique.MALL – SQL Injection：
DotNetNuke DNNArticle Module 10.0 – SQL Injection：
Fortify Software Security Center (SSC) 17.10/17.20/18.10 – Information Disclosure：
Tagstoo 2.0.1 – Persistent Cross-Site Scripting：
Academic Timetable Final Build 7.0 – Information Disclosure：
Booking Calendar – Multiple Vulnerabilities：