GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via sniffing.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Digital_surveillance_system | Geovision | 6.0.4 (including) | 6.0.4 (including) |
| Digital_surveillance_system | Geovision | 6.1 (including) | 6.1 (including) |
| Digital_surveillance_system | Geovision | 7.0 (including) | 7.0 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=111574131105737\u0026w=2
- http://www.esqo.com/research/advisories/2005/100505-1.txt
- http://www.osvdb.org/16341
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20538
- http://marc.info/?l=bugtraq\u0026m=111574131105737\u0026w=2
- http://www.esqo.com/research/advisories/2005/100505-1.txt
- http://www.osvdb.org/16341
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20538