In association with heise online

11 June 2008, 13:34

Vulnerability in open source monitoring software, Motion

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Users of open source webcam monitoring software Motion should install the latest developer patch. It fixes a vulnerability in the configuration interface web server, which could be exploited by an attacker to gain control of or crash a system.

The cause of the problem is an off-by-one buffer overflow in the read_client() function in the webhttpd.c file, which can be provoked by client requests longer than 1023 bytes. By default, the configuration interface is not remotely accessible. Versions 3.2.10 and earlier are affected. Patches are available for versions 3.2.9 and 3.2.10.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit