[TriLUG] Security holes. Revealed by searching yahoo and google

Ian Kilgore ian at trilug.org
Fri Jan 14 12:36:14 EST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

paul wrote:

| On Thu, 13 Jan 2005 23:05:11 +0000, erik at underhanded.org
| <erik at underhanded.org> wrote:
|
|> On Thu, Jan 13, 2005 at 03:31:50PM -0500, Mike Fieschko wrote:
|>
|>> Misconfigured MySQL servers accessible though phpmyadmin:
|>>
|>> http://www.threadwatch.org/node/1082
|>>
|>> [begin quoting]
|>>
|>> Hot on the heals of the recent Google unsecured Webcams search
|>> news comes in via rumours at threadwatch.org of an even more
|>> serious security breach made available by search engine
|>> queries.
|>
|> Yeah, there's quite a few more interesting searches here:
|> http://johnny.ihackstuff.com/index.php?module=prodreviews
|>
|> And the whole webcam thing started with a thread on
|> somethingawful.com when people looked at the above site, and
|> quickly started finding as many webcams as possible.  (which was
|> then subsequently leaked to boingboing and then to slashdot)  Fun
|> fun!
|
|
|
| I can't remember the first time that I played with finding those
| cameras, it must have been more than a year ago or more now. I will
|  check to make sure that I am correct, but on most of them there
| was a vulnerability that would allow you to double-slash the
| //admin in the url and have access to administer the camera.
|
| confirmed:
| http://www1.corest.com/common/showdoc.php?idx=329&idxseccion=10

yup, on some firmware versions.  on axis cams.  its a bit limited
though.  another (older) one lets you access cgi-bin/paramtool without
auth, which gives all kinds of fun stuff, like the root password hash...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFB6AMMwsRpgTiXSOERAsu8AKCZnUa75lviDbRVY/rUrj6DBKPr+gCgtPoE
s8AynoG4ExUL9IKvXcI274k=
=rrws
-----END PGP SIGNATURE-----




More information about the TriLUG mailing list