Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection

2008-10-09 Thread lee . e . rian
"Vladimir '3APA3A' Dubrovin" <[EMAIL PROTECTED]> wrote: > What can you achieve with script injection you can not achieve > with SNMP write access? I don't know what you can actually achieve, but in addition to whatever you can do to/with the box you have SNMP write access for, it giv

Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public.

2008-10-09 Thread therese . vanryne
Thank you for revisiting this issue. Unfortunately your first message didn't make it to the right parties due to the then-recent acquisition of Netopia by Motorola. We take security seriously and have added in password protection to fix this problem. We are also investigating the root cause of

Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection

2008-10-09 Thread Vladimir '3APA3A' Dubrovin
Dear ProCheckUp Research, What can you achieve with script injection you can not achieve with SNMP write access? --Thursday, October 9, 2008, 5:02:44 PM, you wrote to bugtraq@securityfocus.com: PR> $ snmpset -v1 -c public 192.168.1.100 sysName.0 s '">>alert(1)' -- ~/ZARAZA http://securi

[ GLSA 200810-02 ] Portage: Untrusted search path local root vulnerability

2008-10-09 Thread Robert Buchholz
Gentoo Linux Security Advisory GLSA 200810-02 http://security.gentoo.org/

[security bulletin] HPSBMA02362 SSRT080044, SSRT080045, SSRT080042 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS), Execute Arbitrary Code

2008-10-09 Thread security-alert
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01537275 Version: 2 HPSBMA02362 SSRT080044, SSRT080045, SSRT080042 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS), Execute Arbitrary Code NOTICE: The informa

Re: Token Kidnapping Windows 2003 PoC exploit

2008-10-09 Thread groovydude
Has a patch been previously released by Microsoft for this?

[security bulletin] HPSBMA02374 SSRT080046 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)

2008-10-09 Thread security-alert
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01567813 Version: 1 HPSBMA02374 SSRT080046 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted u

PR07-31: Unauthenticated SQL Injection, XSS on Login Page and Username Enumeration on DPSnet Case Progress

2008-10-09 Thread ProCheckUp Research
PR07-31: Unauthenticated SQL Injection, XSS and Username Enumeration on DPSnet Case Progress Vulnerabilities Found: 23 May 2007 Vendor Contacted: 10 July 2007, 31 August 2007, 17 September 2007, 12 December 2007 Note: the vendor stopped responding o

News Manager Remote SQL Injection Vulnerability

2008-10-09 Thread Ghost hacker
# News Manager Remote SQL Injection Vulnerability # # © Ghost Hacker , Real Hack Back :)

PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection

2008-10-09 Thread ProCheckUp Research
PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection Vulnerability found: 2 May 2008 Vendor informed: 2 May 2008, 1st August 2008 Vulnerability fixed: no response was received from the vendor. A workaround has been included in the "Fix" s

[security bulletin] HPSBMA02376 SSRT080099 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)

2008-10-09 Thread security-alert
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01570589 Version: 1 HPSBMA02376 SSRT080099 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) NOTICE: The information in this Security Bulleti

FC2 BLOG Cross-Site Scripting Vulnerabilities

2008-10-09 Thread xsp
Subject: FC2 BLOG Cross-Site Scripting Vulnerabilities Application: FC2 BLOG Vendor: BLOG.FC2.COM Corporation: FC2, Inc. DATE : 9 Oct 2008 Description: FC2 BLOG Cross-Site Scripting Vulnerabilities Vulnerability: They do not properly sanitize the potentially malicious input content t