TANDBERG Video Communication Server Multiple Remote Vulnerabilities
BID:39389
Info
| Bugtraq ID: | 39389 |
| Class: | Unknown |
| CVE: | CVE-2009-4511 CVE-2009-4510 CVE-2009-4509 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 12 2010 12:00AM |
| Updated: | Apr 12 2010 12:00AM |
| Credit: | Jon Hart and Timothy D. Morgan |
| Vulnerable: | Tandberg Video Communication Server 4.2.1, Tandberg Video Communication Server 4.3.0 |
| Not Vulnerable: | Tandberg Video Communication Server 5.1.1 |
Discussion
TANDBERG Video Communication Server is prone to multiple remote vulnerabilities, including:
1. A file-disclosure vulnerability.
2. A security vulnerability that may allow attackers to conduct server impersonation and man-in-the-middle attacks.
3. An authentication-bypass vulnerability.
An attacker can exploit these issues to gain unauthorized access to the affected device and to gain access to sensitive information. Other attacks are also possible.
Firmware versions prior to TANDBERG Video Communication Server 5.1.1 are vulnerable.
Exploit / POC
The following example URI is available:
https://www.example.com/helppage.php?page=../../../../etc/passwd%00
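To find requests of this shape in web server logs, the following added example (not part of the original advisory or any vendor tooling) flags `helppage.php` requests whose `page` value contains a NUL byte, a `..` path segment or an absolute path. It assumes combined-format access logs; the function names, the benign `overview` value and the sample entries are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request target inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so multiply-encoded input is checked in plain form."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def check_line(log_line):
    """Return the reasons a helppage.php request looks like file retrieval, or []."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    if not url.path.lower().endswith("/helppage.php"):
        return []
    reasons = []
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name != "page":
            continue
        # parse_qsl has decoded once; decode further and normalise separators.
        value = fully_decode(value).replace("\\", "/")
        if "\x00" in value:
            reasons.append("nul-byte")
        if ".." in value.split("/"):
            reasons.append("dot-dot-segment")
        if value.startswith("/"):
            reasons.append("absolute-path")
    return reasons

# Constructed sample entries (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Apr/2010:10:00:01 +0000] "GET /helppage.php?page=overview HTTP/1.1" 200 5120',
    '192.0.2.77 - - [12/Apr/2010:10:02:13 +0000] "GET /helppage.php?page=../../../../etc/passwd%00 HTTP/1.1" 200 1843',
    '192.0.2.77 - - [12/Apr/2010:10:02:19 +0000] "GET /helppage.php?page=%252e%252e%252fetc%252fpasswd HTTP/1.1" 404 312',
]

def scan(lines):
    """Map each flagged line number (1-based) to its reasons."""
    return {n: r for n, line in enumerate(lines, 1) if (r := check_line(line))}
```

A flagged request that returned status 200 on firmware earlier than 5.1.1 is worth reviewing first, since the response may have included file contents.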
Solution / Fix
Solution:
The vendor has released updates. Please see the references for details.
References
References:
- TANDBERG Homepage (TANDBERG)
- CVE-2009-4509: TANDBERG VCS Authentication Bypass (Timothy D. Morgan)
- CVE-2009-4510: TANDBERG Video Communication Server Static SSH Host Keys (VSR Advisories)
- CVE-2009-4511: TANDBERG VCS Arbitrary File Retrieval (VSR Advisories)