ZyXEL P-330W “Secure Wireless Internet Sharing Router” is
vulnerable to multiple XSS and XSRF attacks.
There are a plethora of XSS vulns in the web-based management
interface so I'll leave it to you to discover these gifts on your
own. Here is a starting point:
There is a buffer overflow in the AddFolder() method of the Persists Software
XUpload control, version 2.1.0.1. This object is marked safe for scripting.
Version 3.0 (latest) is not vulnerable (throws an error if the parameter is more
than 256 characters), I have not tested any other versions. A
The AOL YGP Picture Editor Control (AIM PicEditor Control) version 9.5.1.8
suffers from multiple exploitable buffer overflows in various properties. This
object is marked safe for scripting. I have not tested other versions. PoC as
follows:
<!--
written by e.b.
-->
<html>
<head>
On Dec 25, 2007 5:29 PM, Elazar Broad [EMAIL PROTECTED] wrote:
The AOL YGP Picture Editor Control (AIM PicEditor Control) version
9.5.1.8 suffers from multiple exploitable buffer overflows in various
properties.
This object is marked safe for scripting. I have not tested other versions.
PoC
On Tue, 25 Dec 2007 21:53:29 CST, reepex said:
How does a bunch of 'A's prove something is exploitable?
If a bunch of A's causes the EIP to end up as x'41414141', it's 95% of the
way to being an exploit. If it gets you some *other* crash, it's probably
at least 30% to 40% of the way to an