exploits , vulnerabilities , articles , ZyXEL B-240 Wireless Ethernet Adapter Web Interface Remote Cross-Site Scripting Vulnerability

Title	ZyXEL B-240 Wireless Ethernet Adapter Web Interface Remote Cross-Site Scripting Vulnerability
Published	2004-12-31-12:00AM
Updated	2004-12-31-07:08PM
Class	Failure to Handle Exceptional Conditions
CVE	CVE-MAP-NOMATCH
Remote	Yes
Local	No
Credit	"C H F" <beniwiedmer@tiscali.ch> is credited with the discovery of this issue.
Vulnerable	ZyXEL B420 Wireless Ethernet Adapter
Not Vulnerable
Code	No exploit is required to leverage this issue. The following proof of concept is designed to trigger a denial of service condition in the affected device: http://www.example.com/Forms/rpAuth_1?ZyXEL%20ZyWALL%20Series<script>top.location.pathname=""</script>
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-16 ZABBIX Denial Of Service and SQL Injection Vulnerabilities
• 2009-12-16 IBM WebSphere Application Server JNDI Remote Information Disclosure Vulnerability
• 2009-12-16 Horde Application Framework Administration Interface Cross-Site Scripting Vulnerability
• 2009-12-16 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
• 2009-12-16 Merkaartor Insecure Temporary File Creation Vulnerability
• 2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability
• 2009-12-15 PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
• 2009-12-15 PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
• 2009-12-15 IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
• 2009-12-15 Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Thu, 17 Dec 2009 02:14:58 +0000