TANDBERG Video Communication Server 4.2.1/4.3.0 - Multiple Remote Vulnerabilities

Author: Jon Hart
type: webapps
platform: php
port: 
date_added: 2010-04-12 
date_updated: 2014-06-21 
verified: 1 
codes: CVE-2009-4511;OSVDB-63833 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/39389/info

TANDBERG Video Communication Server is prone to multiple remote vulnerabilities, including:

1. A file-disclosure vulnerability.
2. A security vulnerability that may allow attackers to conduct server impersonation and man-in-middle attacks.
3. An authentication-bypass vulnerability.

An attacker can exploit these issues to gain unauthorized access to the affected device and to gain access to sensitive information. Other attacks are also possible.

Firmware versions prior to TANDBERG Video Communication Server 5.1.1 are vulnerable.

https://www.example.com/helppage.php?page=../../../../etc/passwd%00