-"Vladimir '3APA3A' Dubrovin" <[EMAIL PROTECTED]> wrote: -
>What can you achieve with script injection you can not achieve
>with SNMP write access?
I don't know what you can actually achieve, but in addition to whatever you
can do to/with the box you have SNMP write access for, it giv
Thank you for revisiting this issue. Unfortunately your first message didn't
make it to the right parties due to the then-recent acquisition of Netopia by
Motorola.
We take security seriously and have added in password protection to fix this
problem. We are also investigating the root cause of
Dear ProCheckUp Research,
What can you achieve with script injection you can not achieve with
SNMP write access?
--Thursday, October 9, 2008, 5:02:44 PM, you wrote to bugtraq@securityfocus.com:
PR> $ snmpset -v1 -c public 192.168.1.100 sysName.0 s
'">>alert(1)'
--
~/ZARAZA http://securi
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200810-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01537275
Version: 2
HPSBMA02362 SSRT080044, SSRT080045, SSRT080042 rev.2 - HP OpenView Network Node
Manager (OV NNM), Remote Denial of Service (DoS), Execute Arbitrary Code
NOTICE: The informa
Has a patch been previously released by Microsoft for this?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01567813
Version: 1
HPSBMA02374 SSRT080046 rev.1 - HP OpenView Network Node Manager (OV NNM),
Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
PR07-31: Unauthenticated SQL Injection, XSS and Username Enumeration on
DPSnet Case Progress
Vulnerabilities Found: 23 May 2007
Vendor Contacted: 10 July 2007, 31 August 2007, 17 September 2007, 12
December 2007
Note: the vendor stopped responding o
# News Manager Remote SQL Injection Vulnerability
#
# © Ghost Hacker , Real Hack Back :)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
Vulnerability found: 2 May 2008
Vendor informed: 2 May 2008, 1st August 2008
Vulnerability fixed: no response was received from the vendor. A
workaround has been included in the "Fix" s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01570589
Version: 1
HPSBMA02376 SSRT080099 rev.1 - HP System Management Homepage (SMH) for Linux
and Windows, Remote Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulleti
Subject: FC2 BLOG Cross-Site Scripting Vulnerabilities
Application: FC2 BLOG
Vendor:BLOG.FC2.COM
Corporation: FC2, Inc.
DATE : 9 Oct 2008
Description: FC2 BLOG Cross-Site Scripting Vulnerabilities
Vulnerability:
==
They do not properly sanitize the potentially malicious input content
t
12 matches
Mail list logo