Advisories

SYBSEC-ADV14: March Networks DVR 3204 Logfile Information Disclosure

Title	`March Networks DVR 3204 Logfile Information Disclosure`
ID	`SYBSEC-ADV14`
Severity	`HIGH`
History	`09.FEB.2007 Vulnerability discovered 25.NOV.2007 Vendor contacted`
Scope	`Information Disclosure`
Platforms	`March Networks DVR 3204`
Author	`Alex Hernandez <ahernandez [at] sybsecurity [dot] com>`
URL	`http://www.sybsecurity.com/advisors/SYBSEC-ADV14-March_Networks_DVR_3204_Logfile_Information_Disclosure`
Release	`Public`
Overview	`DVRs are basically mini-PCs that allow a user to record TV broadcasts, cable, or DirectTV transmissions, depending on the model, in digital form on a hard drive located inside the recorder.`
Affected versions	`The vulnerability has been reported in versions March Networks DVR version 3204`
Description	`Since configuration of the IP address, user console and root is carried out over the "administrator console", the vulnerability lies within Watchdog's HTTP server application.`
Workaround	`Upgrade the sofware version you can download from: http://www.marchnetworks.com`
Acknowledgments	`This vulnerability have been found and researched by: - Alex Hernandez <ahernandez [at] sybsecurity [dot] com>`
References	`* MarchNetworks: http://www.marchnetworks.com * SYB Security: http://www.sybsecurity.com`
Details	`Any user can obtain the log files without authentication by accessing the following PATH http:/dvraddress/scripts/logfiles.tar.gz. The intruder can then uncompress the tar file and access the config.dat to reveal username and passwords, names of devices, and IP addresses of other security components attached to the corporate network`
Exploit tool	`sybsec-adv14.txt`