CVE-2006-3604

Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to bypass access restrictions for (1) admin/aindex.asp or (2) admin/aindex.html via a .. (dot dot) and encoded / (%2f) sequence in the URL.

BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/439648/100/0/threaded
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/440893/100/100/threaded
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/450478/100/0/threaded
MISC: http://www.digitalarmaments.com/2006300687985463.html
BID: http://www.securityfocus.com/bid/18948
SECUNIA: http://secunia.com/advisories/20994
XF: http://xforce.iss.net/xforce/xfdb/27656
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3604

8 years
231 countries
200k users
1306k calculations
Logo www.power-shop.gr
Logo www.kelcom.cz
Logo www.systemy-stech.cz
Logo sectech.co.nz
Logo www.i4wifi.cz
Logo ru.kedacom.com