[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection

To: ProCheckUp Research <research@xxxxxxxxxxxxxx>
Subject: Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
From: "Vladimir '3APA3A' Dubrovin" <3APA3A@xxxxxxxxxxxxxxxx>
Date: Thu, 9 Oct 2008 22:20:45 +0400

Dear ProCheckUp Research,

 What  can  you  achieve  with script injection you can not achieve with
 SNMP write access?

--Thursday, October 9, 2008, 5:02:44 PM, you wrote to bugtraq@xxxxxxxxxxxxxxxxx:

PR> $ snmpset -v1 -c public 192.168.1.100 sysName.0 s
'">><script>alert(1)</script>'


-- 
~/ZARAZA http://securityvulns.com/

Follow-Ups:
- Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
  - From: lee . e . rian
- Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
  - From: ProCheckUp Research

References:
- PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
  - From: ProCheckUp Research

Prev by Date: [ GLSA 200810-02 ] Portage: Untrusted search path local root vulnerability
Next by Date: Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public.
Previous by thread: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
Next by thread: Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
Index(es):
- Date
- Thread