CVE-2020-11448
https://notcve.org/view.php?id=CVE-2020-11448
An issue was discovered on Bell HomeHub 3000 SG48222070 devices. There is XSS related to the email field and the login page. Se descubrió un problema en los dispositivos Bell HomeHub 3000 SG48222070. Hay XSS relacionado con el campo de correo electrónico y la página de inicio de sesión. • https://0xem.ma/posts/HH3K-CVE https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-11447
https://notcve.org/view.php?id=CVE-2020-11447
An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device. Se descubrió un problema en los dispositivos Bell HomeHub 3000 SG48222070. Los usuarios autenticados remotamente pueden recuperar el número de serie a través de cgi/json-req; esto es una filtración de información porque el número de serie pretende demostrar el acceso físico de un actor al dispositivo. • https://0xem.ma/posts/HH3K-CVE https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2007-1189 – Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-1189
Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the devpermcheck function grant unrestricted device permissions. Desbordamiento de entero en la función envwrite en el kernel Alcatel-Lucent Bell Labs Plan 9 permite a un usuario local sobreescribir ciertas direcciones de memoria con la memoria kernel a través de un argumento n, como se demostró por (1) la modificación de la función iseve para ganar privilegios y (2)haciendo que la función devpermcheck conceda permisos sin restricción del dispositivo. • https://www.exploit-db.com/exploits/3383 http://kernelspace.us/itheft.c http://lists.immunitysec.com/pipermail/dailydave/2007-February/004118.html http://osvdb.org/34956 http://www.securityfocus.com/bid/22749 •
CVE-2001-1169
https://notcve.org/view.php?id=CVE-2001-1169
keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo. • http://archives.neohapsis.com/archives/bugtraq/2001-08/0441.html •