CVE-2007-3574 – Linksys WAG54GS 1.0.6 (Wireless-G ADSL Gateway) - 'setup.cgi' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-3574
Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3) snmp_getcomm, or (4) snmp_setcomm parameter. Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en el archivo setup.cgi en el Cisco Linksys WAG54GS Wireless-G ADSL Gateway con versión de firmware 1.00.06, permite a atacantes remotos inyectar script web o HTML arbitrario por medio de los parámetros (1) c4_trap_ip_, (2) devname, (3) snmp_getcomm, y (4) snmp_setcomm. • https://www.exploit-db.com/exploits/30254 http://osvdb.org/40877 http://osvdb.org/40878 http://secunia.com/advisories/27738 http://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs http://www.gnucitizen.org/projects/router-hacking-challenge http://www.securityfocus.com/archive/1/489009/100/0/threaded http://www.securityfocus.com/bid/24682 http://www.securityfocus.com/data/vulnerabilities/exploits/24682.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-2270 – Linksys SPA941 - '\377' Character Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-2270
The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE request. Linksys SPA941 VoIP Phone permite a atacantes remotos provocar denegación de servicio (reinicio de dispositivo) a través del caracter 0377 (0ff) en la cabecera From, y posiblemente otras ciertas localizaciones en una respuesta SIP INVITE. • https://www.exploit-db.com/exploits/3791 https://www.exploit-db.com/exploits/3792 http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053959.html http://secunia.com/advisories/25031 http://www.securityfocus.com/bid/23619 http://www.securitytracker.com/id?1017957 http://www.vupen.com/english/advisories/2007/1532 https://exchange.xforce.ibmcloud.com/vulnerabilities/33856 •
CVE-2007-1585
https://notcve.org/view.php?id=CVE-2007-1585
The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.00.7, and WRT54GC 1 with firmware 1.03.0 and earlier allow remote attackers to obtain sensitive information (passwords and configuration data) via a packet to UDP port 916. NOTE: some of these details are obtained from third party information. El Linksys WAG200G con componente firmware versión 1.01.01, WRT54GC 2 con componente firmware versión 1.00.7 y WRT54GC 1 con componente firmware versión 1.03.0 y versiones anteriores permiten a los atacantes remotos conseguir información confidencial (contraseñas y datos de configuración) por medio de un paquete al puerto UDP 916. NOTA: algunos de estos datos se obtienen de la información de terceros. • http://marc.info/?l=bugtraq&m=117492736903388&w=2 http://secunia.com/advisories/24658 http://www.securityfocus.com/archive/1/463342/100/0/threaded http://www.securityfocus.com/bid/23063 https://exchange.xforce.ibmcloud.com/vulnerabilities/33251 •
CVE-2006-7121
https://notcve.org/view.php?id=CVE-2006-7121
The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote attackers to cause a denial of service (reboot) via (1) a long URL, or a long (2) username or (3) password during Basic Authentication. El servidor HTTP en Linksys SPA-921 VoIP Desktop Phone permite a atacantes remotos provocar una denegación de servicio (reinicio) mediante (1) un URL largo, o (2) el nombre de usuario o (3) la contraseña largos durante la Autenticación Básica. • http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0089.html http://secunia.com/advisories/22267 http://www.osvdb.org/29671 http://www.securityfocus.com/bid/20346 https://exchange.xforce.ibmcloud.com/vulnerabilities/29349 •
CVE-2006-6411
https://notcve.org/view.php?id=CVE-2006-6411
PhoneCtrl.exe in Linksys WIP 330 Wireless-G IP Phone 1.00.06A allows remote attackers to cause a denial of service (crash) via a TCP SYN scan, as demonstrated using TCP ports 1-65535 with nmap. PhoneCtrl.exe en Linksys WIP 330 Wireless-G IP Phone 1.00.06A permite a atacantes remotos provocar una denegación de servicio (caída) mediante un escaneo TCP SYN, como se demuestra usando puertos TCP 1-65535 con nmap. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051140.html http://secunia.com/advisories/23256 http://securityreason.com/securityalert/2009 http://www.securityfocus.com/archive/1/453754/100/0/threaded http://www.securityfocus.com/bid/21475 http://www.vupen.com/english/advisories/2006/4894 https://exchange.xforce.ibmcloud.com/vulnerabilities/30771 •