MAX PRESENCE,TP3106,TP3206 Security Vulnerabilities

IRC bot ident server detection

This host seems to be running an ident server, but the ident server responds to an empty query with a random userid. This behavior may be indicative of an irc bot, worm, and/or virus infection. It is very likely this system has been...

psyBNC Server Detection

The remote host appears to be running psyBNC on this...

Detect presence of PGPNet server and its version

It is possible to detect the existing of PGPNet, by connecting to its open UDP port (500) and sending it a session init packet, the PGPNet daemon would respond (making it possible to know that PGPNet is installed on the computer) with the version of the OpenPGP package it...

cgi.rb

The 'cgi.rb' CGI is installed. Some versions is vulnerable to remote denial of service. By sending a specially crafted HTTP POST request, a malicious user can force the remote host to consume a large amount of CPU ressources. *** Warning : OpenVAS solely relied on the presence of this CGI, it did.....

JRun Sample Files

This host is running the Allaire JRun web server and has sample files installed. Several of the sample files that come with JRun contain serious security flaws. An attacker can use these scripts to relay web requests from this machine to another one or view sensitive configuration ...

Apache Remote Command Execution via .bat files

The Apache 2.0.x Win32 installation is shipped with a default script, /cgi-bin/test-cgi.bat, that allows an attacker to execute commands on the Apache server (although it is reported that any .bat file could open this vulnerability.) An attacker can send a pipe character with commands appended...

IIS 5.0 WebDav Memory Leakage

The WebDav extensions (httpext.dll) for Internet Information Server 5.0 contains a flaw that may allow a malicious user to consume all available memory on the target server by sending many requests using the LOCK method associated to a non existing filename. This concern not only IIS but the...

Microsoft Internet Information Services (IIS) Multiple Vulnerabilities (MS02-018) - Active Check

Microsoft Internet Information Services (IIS) is prone to multiple...

pcAnywhere TCP

pcAnywhere is running on this...

Detect the presence of Napster

Napster is running on a remote computer. Napster is used to share MP3 across the network, and can be misused (by modifying the three first bytes of a target file) to transfer any file off a remote...

foxweb CGI

The foxweb.dll or foxweb.exe CGI is installed. Versions 2.5 and below of this CGI program have a security flaw that lets an attacker execute arbitrary code on the remote server. ** Since OpenVAS just verified the presence of the CGI but could ** not check the version number, this might be a...

Directory Scanner

This plugin attempts to determine the presence of various common dirs on the remote web...

Microsoft Internet Information Services (IIS) Possible Compromise

One or more files were found on this host that indicate a possible compromise of the Microsoft Internet Information Services...

CVSWeb detection

CVSWeb is used by hosts to share programming source code. Some web sites are misconfigured and allow access to their sensitive source code without any password protection. This plugin tries to detect the presence of a CVSWeb CGI and when it finds it, it tries to obtain its...

Codebrws.asp Source Disclosure Vulnerability

Microsoft's IIS 5.0 web server is shipped with a set of sample files to demonstrate different features of the ASP language. One of these sample files allows a remote user to view the source of any file in the web root with the extension .asp, .inc, .htm, or...

Shopping Cart Arbitrary Command Execution (Hassan)

We detected the presence of the Shopping Cart CGI (Hassan). A security problem in this CGI allows execution of arbitrary...

Kcms Profile Server

The Kodak Color Management System service is running. The KCMS service on Solaris 2.5 could allow a local user to write to arbitrary files and gain root access. *** This warning may be a false *** positive since the presence *** of the bug has not been tested. Patches: 107337-02 SunOS 5.7 has...

Detect STUN Server

A VPN server is listening on the remote port. Description : The remote host is running a STUN (Simple Traversal of User Datagram Protocol - RFC 3489) server. Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) (STUN) is a lightweight protocol that ...

vpasswd.cgi

The 'vpasswd.cgi' CGI is installed. Some versions do not properly check for special characters and allow a cracker to execute any command on your system. *** Warning : OpenVAS solely relied on the presence of this CGI, it did not *** determine if you specific version is vulnerable to that...

Su snow in a SQL Injection-vulnerability warning-the black bar safety net

For the reader: the script invasion enthusiasts, the Black Controller fans Pre-knowledge: su snow a basic method of use Script kiddies: the Su snow is a small ficus in 2 0 0 0 year 1 0 month released a WEB-based detector, mainly used for some of the pages on the landing entrance for brute force,...

Super dove gray vip2005 detector detection principle of a simple analysis-vulnerability warning-the black bar safety net

The Preface of the new gray pigeons always give people everywhere the feeling, own it worked in the friend of the host met several times,each time can only be manually determined and clear. Looking at this detector for a little test. The effect is very good, it creates a want to know how she...

Within the network database server invasion combat-vulnerability warning-the black bar safety net

Takeaway: deal with server the internal network and the external does not open the port of the database server, in addition to the bounce the Port to get a shell, there's no other good way to Do all in cmd,too much trouble, inconvenient we penetrate further within the network, following by a site.....

Recommendation:the Guangdong a University site detection notes(figure)-vulnerability warning-the black bar safety net

Recently by PPMM in a McDonald's cajoling, let me test out their school website, security how to,this thought can like our school like ten minutes away,I agreed, I did not expect...... The following start, in order not to cause unnecessary trouble, the removal of sensitive information. C:>ping.....

The use of“http hidden channel”big break LAN-a vulnerability warning-the black bar safety net

What is http hidden passage? What is Local Area Network Security, System Administrators how to ensure LAN security? This is a constantly changing concept of security, a very long a time since, in the LAN and the external interconnect is placed at a firewall, strictly control the open ports, it can....

Harm to huge media files Trojan offensive and defensive combat(photo-vulnerability warning-the black bar safety net

Today, the network circulating most widely used media file there are two types, one is RM, AND RMVB file, and the other is WMV, WMA files, due to their streaming media good support, make the network of movies, music and other media files are used almost the two kinds of media file formats,...

Linux Kernel 2.6.x - IPv6 Local Denial of Service

Linux Kernel 2.6.x - IPv6 Local Denial of...

Linux Kernel 2.6.x - IPv6 Local Denial of Service

...

Enter a server after hide their own means-vulnerability warning-the black bar safety net

I like hiding, it summed up some of the hidden programme, specifically to look at the situation. Then the General into a server after hide their own means: To 1. superdoor clone, but there is a bug. Banyan brother. ca clone, to rely on the ipc, it is not very cool 2。 Create count$such hidden...

MS05-051: Vulnerabilities in MSDTC Could Allow Remote Code Execution (902400) (uncredentialed check)

The remote version of Windows contains a version of MSDTC (Microsoft Data Transaction Coordinator) service that has several remote code execution, local privilege escalation, and denial of service vulnerabilities. An attacker may exploit these flaws to obtain the complete control of the remote...

Talking about after the invasion of the hardware destruction method-vulnerability warning-the black bar safety net

| Internetthe field of security, one foot magic ridge, and then strong fortress also has his deadly colony, hackersarttoday, was born many kinds of means of attack, and in front of the defense method is endless, but whether it is anti-both, all overlooked an important aspect-that is, hardware...

MS05-049: Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)

The remote version of Windows contains a version of the Windows Shell that has several vulnerabilities. An attacker may exploit these vulnerabilities by : Sending a malformed .lnk file a to user on the remote host to trigger an overflow. Sending a malformed HTML document to a user on...

MS05-052: Cumulative Security Update for Internet Explorer (896688)

The remote host contains a version of the Internet Explorer that is vulnerable to a security flaw (COM Object Instantiation Memory Corruption Vulnerability) that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit...

MS05-048: Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245)

An unchecked buffer condition could allow an attacker to execute arbitrary code on the remote host. To execute this flaw, an attacker would need to send a malformed message via SMTP to the remote host, either by using the SMTP server (if Exchange is installed) or by sending an email to a user on...

MS05-050: Vulnerability in DirectShow Could Allow Remote Code Execution (904706)

The remote host contains a version of DirectX that is vulnerable to a remote code execution flaw. To exploit this flaw, an attacker would need to send a specially malformed .avi file to a user on the remote host and have him open...

MS05-047: Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749)

The remote host contains a version of the Plug and Play service that contains a vulnerability in the way it handles user-supplied data. An authenticated attacker could exploit this flaw by sending a malformed RPC request to the remote service and execute code within the SYSTEM...

MS05-044: Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering (905495)

The remote host contains a version of the Microsoft FTP client that contains a flaw in the way it handles FTP download. An attacker could exploit this flaw to modify the destination location for files downloaded via FTP. To exploit this flaw an attacker would need to set up a rogue FTP server and.....

MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589) (uncredentialed check)

The remote host contains a version of the Client Service for NetWare that is vulnerable to a buffer overflow. An attacker may exploit this flaw by connecting to the NetWare RPC service (possibly over IP) and triggering the overflow by sending a malformed RPC...

MS05-051: Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400)

The remote version of Windows contains a version of MSDTC and COM+ that is affected by several remote code execution, local privilege escalation and denial of service vulnerabilities. An attacker may exploit these flaws to obtain the complete control of the remote...

MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589)

The remote host contains a version of the Client Service for NetWare that is vulnerable to a buffer overflow. An attacker could exploit this flaw by connecting to the NetWare RPC service (possibly over IP) and trigger the overflow by sending a malformed RPC...

MS05-045: Vulnerability in Network Connection Manager Could Allow Denial of Service (905414)

The remote host contains a version of the Network Connection Manager that contains a denial of service vulnerability that could allow an attacker to disable the component responsible for managing network and remote access connections. To exploit this vulnerability, an attacker would need to send a....

WebWasher < 4.4.1 Build 1613 Multiple XSS

The remote host is running the web proxy WebWasher. According to its banner, the installed version of WebWasher is prone to multiple cross-site scripting flaws. Successful exploitation of these issues may allow an attacker to execute malicious script code in a user's browser within the context of.....

Patchlink Detection

This script uses Windows credentials to detect whether the remote host is running Patchlink and extracts the version number if so. Patchlink is a fully Internet-based, automated, cross-platform, security patch management...

For Discuz Forum, the intrusion-vulnerability warning-the black bar safety net

Recently nothing else, the rookie, set off a Discuz Forum, the invasion of the frenzy of the“movement.” Time trouble the entire security community is boiling endless. However, the site of the webmasters skill fairly agile, low version of the Discuz Forum also useless how long, will be put on a...

Million network: I come in and play two times-the vulnerability and early warning-the black bar safety net

Article author: Andyower Angel doll Information source: evil octal information security teamwww.eviloctal.com to Note: this article has been published 2 0 0 5-year 9-month hacking of Defense. Such as reprint,Please note the name Recently,a friend said to me to help him get a site,that site has...

Google Secure Access VPN Client Installed

The remote host has the program 'Google Secure Access' installed. This software is a VPN client allowing roaming users to establish a VPN connection with Google's VPN server, thus protecting the local communications from being eavesdropped by a local user. This potentially allows Google to...

Denial and then when the“script kids”to become a real hacker! - Vulnerability warning-the black bar safety net

On hack how to make online with the n version. But mostly grandstanding. Look at this now, is I online can see the detailed tutorial. I believe you will certainly have the benefits. Transferred from: tsinghua bbs Basis: How to learn ·To have learning objectives ·Have a learning plan ·To...

MS05-043: Vulnerability in Printer Spooler Service Could Allow Remote Code Execution (896423) (uncredentialed check)

The remote host contains a version of the Print Spooler service that may allow an attacker to execute code on the remote host or crash the spooler service. An attacker can execute code on the remote host with a NULL session against : Windows 2000 An attacker can crash the remote service with a...

MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591)

The remote host contains a version of the Remote Desktop protocol/service that is vulnerable to a security flaw that could allow an attacker to crash the remote service and cause the system to stop...

MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)

The remote version of Windows contains a flaw in the function PNP_QueryResConfList() in the Plug and Play service that could allow an attacker to execute arbitrary code on the remote host with the SYSTEM privileges. A series of worms (Zotob) are known to exploit this vulnerability in the...

MS05-038: Cumulative Security Update for Internet Explorer (896727)

The remote host contains a version of the Internet Explorer that is vulnerable to multiple security flaws (JPEG Rendering, Web Folder, COM Object) that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web...