<<< Date Index >>>     <<< Thread Index >>>

Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection



Dear ProCheckUp Research,

 What  can  you  achieve  with script injection you can not achieve with
 SNMP write access?

--Thursday, October 9, 2008, 5:02:44 PM, you wrote to bugtraq@xxxxxxxxxxxxxxxxx:

PR> $ snmpset -v1 -c public 192.168.1.100 sysName.0 s
'">><script>alert(1)</script>'


-- 
~/ZARAZA http://securityvulns.com/