header-logo
Suggest Exploit
vendor:
CamShot
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: CamShot
Affected Version From: Trial versions
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 95/98/2000/NT
2001

CamShot Remote Buffer Overflow Vulnerability

CamShot is a Windows 95/98/2000/NT web server that serves up web pages containing time stamped images captured from a video camera. Certain trial versions of this software contain a possibly exploitable remote buffer overflow by way of a overly long user supplied 'Authorization' password. An example of this is GET / HTTP/1.1<enter>Authorization: Basic ['a'x325]<enter><enter>

Mitigation:

Upgrade to the latest version of CamShot
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1685/info

CamShot is a Windows 95/98/2000/NT web server that serves up web pages containing time stamped images captured from a video camera. The images can be viewed from anywhere on the network with a web browser. CamShot works with Video For Windows compatible video equipment. Certain trial versions of this software contain a possibly exploitable remote buffer overflow by way of a overly long user supplied 'Authorization' password. 

It is not known if supported commercial versions of this software contain the same vulnerability.

Example:

GET / HTTP/1.1<enter>
Authorization: Basic ['a'x325]<enter><enter>

Navigation

Suggest Exploit

Services By CQR