AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:47
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/bugtraq/2003-02/0377.html - | |
References | () http://archives.neohapsis.com/archives/bugtraq/2003-03/0370.html - | |
References | () http://www.securityfocus.com/bid/6980 - | |
References | () http://www.websec.org/adv/axis2400.txt.html - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/11440 - |
Information
Published : 2003-12-31 05:00
Updated : 2024-11-20 23:47
NVD link : CVE-2003-1386
Mitre link : CVE-2003-1386
CVE.ORG link : CVE-2003-1386
JSON object : View
Products Affected
axis
- 2401_video_server
- 2400_video_server
CWE
CWE-264
Permissions, Privileges, and Access Controls