1. Topic

Security issues have been identified that allow an attacker to compromise Axis Network Cameras, Video Servers, Serial Servers and Network Digital Video Recorders.

2. Description

The first issue allows arbitrary shell command execution via HTTP requests due to erroneous shell command and parameter expansion.

The second issue allows circumvention of HTTP authentication when accessing the ServerManager.srv administrative resource. This allows a remote attacker to modify configuration settings that nominally require administrative privileges.

Reference: BugTraq id 11011, http://www.securityfocus.com/bid/11011

Note that the StorPoint CD-E100 hardcoded password vulnerability that was also reported was fixed in firmware release 5.33, issued November 12, 2001. Please see ftp://ftp.axis.com/pub_soft/cd_srv/cde_100/5_33/cde100_533.txt for further details.

3. Affected products

Axis 2100/2110/2120/2420/2130 Network Camera - Firmware Release 2.40 and below
Axis 2400+/2401+/2411 Video Server - Firmware Release 3.12 and below
Axis 2460 Network DVR - Firmware Release 3.11 and below
Axis 2490 Serial Server - Firmware Release 2.11.3 and below
Axis 230 MPEG-2 Network Camera - Firmware Release 3.11 and below
Axis 250S MPEG-2 Video Server - Firmware Release 3.10 and below
Axis 2400/2401 Video Server - Firmware Release 2.34 and below

4. Solution

The vulnerable applications have been corrected, and the corrections are included in new firmware releases for all affected products.

5. Releases

Release candidates for the corrected firmware releases are available for download now. Production releases will be available shortly.
Axis 2100 Network Camera (2.42) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2100/release_candidate/2_42/
Axis 2110 Network Camera (2.42) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2110/release_candidate/2_42/
Axis 2120 Network Camera (2.42) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2120/release_candidate/2_42/
Axis 2420 Network Camera (2.42) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2420/release_candidate/2_42/
Axis 2130 PTZ Network Camera (2.42) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2130/release_candidate/2_42/
Axis 2400+ Video Server (3.13) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2400p/release_candidate/3_13/
Axis 2400+ Blade Video Server (3.13) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2400pb/release_candidate/3_13/
Axis 2401+ Video Server (3.13) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2401p/release_candidate/3_13/
Axis 2401+ Blade Video Server (3.13) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2401pb/release_candidate/3_13/
Axis 2411 Video Server (3.13) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2411/release_candidate/3_13/
Axis 2460 Network Digital Video Recorder (3.13) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2460/release_candidate/3_13/
Axis 2490 Serial Server (2.12) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2490/release_candidate/2_12/
Axis 230 MPEG-2 Network Camera (3.20) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_230/release_candidate/3_20/
Axis 250S MPEG-2 Video Server (3.20) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_250s/release_candidate/3_20/
Axis 2400 Video Server (2.34.1) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2400/sr/2_34_1/
Axis 2401 Video Server (2.34.1) - ftp://ftp.axis.com/pub_soft/cam_srv/cam_2401/sr/2_34_1/