Accounting Portal Authentication Bypass

www.Ostoure.com | | Ostoure Security Research Team | | Title: Accounting Portal authentication Bypass | Vendor: Parsonline - Parsway ISP | Exploitation: Remote with browser ==================== - Description: ==================== The data in the admin folder "DesktopModules" can be accessed via a...

New Bug Found By Ostoure Sazan Sharif

www.Ostoure.com | | Ostoure Security Research Team | | Title: Accounting Portal authentication Bypass | Vendor: Parsonline - Parsway ISP | Exploitation: Remote with browser ==================== - Description: ==================== The data in the admin folder "DesktopModules" can be accessed via a...

NetCache Proxy Denial Of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Research by Hernan Pereira and associates. No response from Speedy in the past 15 days. Proceeding with disclosure. A DoS vulnerability exists in NetCache proxies of at least some areas of Speedy Argentina ISP 201.255.64/18, by which a URL could be...

[ADVISORY] NetCache URL DoS - Argentinian ISP

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Research by Hernan Pereira and associates. No response from Speedy in the past 15 days. Proceeding with disclosure. A DoS vulnerability exists in NetCache proxies of at least some areas of Speedy Argentina ISP 201.255.64/18, by which a URL could be...

FTC pulls plug on spam, child porn ISP

A rogue Internet Service Provider that recruits, knowingly hosts, and actively participates in the distribution of spam, child pornography, and other harmful electronic content has been shut down by a district court judge at the request of the Federal Trade Commission. The ISP’s upstream provider...

Telecom Italia Alice Pirelli routers - Backdoor from internal LAN/WAN

saxdax & drpepperONE Discovered embedded backdoor to activate telnet/ftp/tftp/web extended admin interface with Admin privileges, from internal network lan on Alice ADSL CPE Modem/Router, manufactered by Pirelli based on Broadcom platform. saxdax & drpepperONE Router Vendor: Alice Telecom Italia...

Attacking cisco router-bug warning-the black bar safety net

In you see Before you need to know: －what is IP address?－ What is ISP for?－ What is the TCP/IP data package?－ How to hide your IP address?－ How to use Telnet in?－ How to use HyperTerminal for?－ How to use Ping for?－ How to use TraceRoute it?－ How to use a proxy server?...

Aztech ADSL2/2+ 4 Port default password

Playing around with the configuration files will reveal…..even though the admin accounts password has been changed, there is still another administrative account burried in there. username: isp password: isp Sneaks one past [email protected] http://www.elitter.net...

Design/Logic Flaw

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to obtain ISP and Dynamic DNS credentials by sending a direct request for 1 WAN.html, 2 wzPPPOE.html, and 3 rpDyDNS.html, and then reading the HTML source...

CVE-2008-1523

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to obtain ISP and Dynamic DNS credentials by sending a direct request for 1 WAN.html, 2 wzPPPOE.html, and 3 rpDyDNS.html, and then reading the HTML source...

CVE-2008-1523

ZyXEL Prestige routers P-660, P-661, and P-662 with firmware 3.40(AGD.2)–3.40(AHQ.3) expose a vulnerability where remote authenticated users can read HTML source by directly requesting WAN.html, wzPPPOE.html, and rpDyDNS.html, potentially obtaining ISP and Dynamic DNS credentials. This is documen...

doom-rfi.txt

DOOM CMS for ISP's 1.2 RFI --------------------- Author : ShAy6oOoN --------------------- Group : PitBull Crew --------------------- Script : DOOM CMS for ISP's 1.2 --------------------- Download : http://downloads.sourceforge.net/webwrench/DOOMISP20070521.zip?modtime=1179790880&bigmirror=0...

“Sharing God's shield”---- hack ISP restrict multi-machine shared Internet access-vulnerability warning-the black bar safety net

Today there are many local ISP restrict multi-machine shared Internet access, as long as a line is connected to multiple computers and the Internet, it will automatically break. Many masters of this provides a variety of effective responses, however, these methods still make“rookie”friends...

liberoit-xss.txt

The Italian ISP Libero.it not check the HTTP POST Parameter "pQuery" on search query and displays the content of this variable without modification within the html form area. Security problems on Libero's 155.it allows attackers to conduct XSS attacks for the following URL:...

Unfixed XSS vulnerability at www.canadianisp.com

Security researcher Fugitif, has submitted on 07/10/2007 a cross-site-scripting XSS vulnerability affecting www.canadianisp.com, which at the time of submission ranked 435717 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/10/2007. It is...

Solaris 5.6 (sparc) : 109662-03

Solaris ISP Server 2.0: /usr/lib/inet/in.ftpd patch. Date this patch was last updated by Sun : Jun/19/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. ...

Solaris 5.7 (sparc) : 109662-03

Solaris ISP Server 2.0: /usr/lib/inet/in.ftpd patch. Date this patch was last updated by Sun : Jun/19/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. ...

NetSniper network pioneer works-vulnerability warning-the black bar safety net

NetSniper network tip of the soldiers is in Shanghai on a large lake network system Co., Ltd. developed the network access detection and a controller. It can automatically detect the network without permission the erection of a proxy server is system or an illegal router, and through the illegal...

[Kil13r-SA-20060628] Hanaro Search Cross-Site Scripting Vulnerability

Title: Kil13r-SA-20060628 Hanaro Search Cross-Site Scripting Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/06/22 - Discovery 2006/06/28 - Release Affected version: Not affected version: Description: Hanaro is ISP site, but that has vulnerability. It...

Sql injection

SQL injection vulnerability in adminlogin.asp in ISP of Egypt SiteMan allows remote attackers to execute arbitrary SQL commands via the pass parameter...