TANDBERG Video Communication Server 4.2.1/4.3.0 – Multiple Remote Vulnerabilities

• Exploit Database
• 22 阅读

• 作者： Jon Hart
  日期： 2010-04-12
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/33832/

• source: https://www.securityfocus.com/bid/39389/info
  
  TANDBERG Video Communication Server is prone to multiple remote vulnerabilities, including:
  
  1. A file-disclosure vulnerability.
  2. A security vulnerability that may allow attackers to conduct server impersonation and man-in-middle attacks.
  3. An authentication-bypass vulnerability.
  
  An attacker can exploit these issues to gain unauthorized access to the affected device and to gain access to sensitive information. Other attacks are also possible.
  
  Firmware versions prior to TANDBERG Video Communication Server 5.1.1 are vulnerable. 
  
  https://www.example.com/helppage.php?page=../../../../etc/passwd%00