Bugtraq: Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection

From: lee.e.rian () census gov
Date: Thu, 9 Oct 2008 17:24:27 -0400

-----"Vladimir '3APA3A' Dubrovin" <3APA3A () SECURITY NNOV RU> wrote: -----

What  can  you  achieve  with script injection you can not achieve
with SNMP write access?


I don't know what you can actually achieve, but in addition to whatever you
can do to/with the box you have SNMP write access for, it gives you a shot
at the admin's machine.  And maybe even a shot at everything that the
admin's machine can talk to.

Regards,
Lee


--Thursday, October 9, 2008, 5:02:44 PM, you wrote to
bugtraq () securityfocus com:

PR> $ snmpset -v1 -c public 192.168.1.100 sysName.0 s
'">><script>alert(1)</script>'


--
~/ZARAZA http://securityvulns.com/

By Date By Thread

Current thread:

PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection ProCheckUp Research (Oct 09)
- Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection Vladimir '3APA3A' Dubrovin (Oct 09)
  - Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection lee . e . rian (Oct 09)
    - Re[2]: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection Vladimir '3APA3A' Dubrovin (Oct 10)
  - Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection ProCheckUp Research (Oct 10)