MAX PRESENCE,TP3106,TP3206 Security Vulnerabilities

MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)

漏洞描述： Microsoft FrontPage服务器扩展是Microsoft公司开发的用于加强IIS Web服务器的功能的软件包。Microsoft FrontPage Server Extensions存在两个新的安全漏洞，可导致远程攻击者可以利用这个漏洞进行缓冲区溢出攻击，可能以FrontPage进程权限在系统上执行任意指令。 第一个漏洞是由于FrontPage服务扩展的远程调试功能上存在缓冲区溢出，这个功能用于用户远程连接FrontPage服务扩展的服务器和远程调试内容使用，如Visual...

Microsoft FrontPage Server Extensions - 'fp30reg.dll' (MS03-051)

...

MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)

Exploit for unknown platform in category remote...

[NT] BEA Tuxedo Administration CGI Multiple Argument Issues

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source....

Oracle PORTAL_DEMO.ORG_CHART SQL Injection

It is possible to access a demo (PORTAL_DEMO.ORG_CHART) script on the remote host. Access to these pages should be restricted because it may be possible to abuse this demo for SQL Injection attacks. Additional components of the Portal have been reported as vulnerable to SQL injection attacks but...

MS03-043: Buffer Overrun in Messenger Service (828035) (uncredentialed check)

A security vulnerability exists in the Messenger Service that could allow arbitrary code execution on an affected system. An attacker who successfully exploited this vulnerability could be able to run code with Local System privileges on an affected system or could cause the Messenger Service to...

Wollf Backdoor Detection

This host appears to be running Wollf on this port. Wollf Can be used as a Backdoor which allows an intruder gain remote access to files on your computer. If you did not install this program for remote management then this host may be compromised. An attacker may use it to steal your passwords, or....

Fluxay Sensor Detection

This host appears to be running Fluxay Sensor on this port. Fluxay Sensor is a backdoor that allows an intruder to gain remote access to files on your computer. Similar to SubSeven, this program installs as a service and is password protected to make it difficult to stop or remove it. An...

myPHPcalendar Multiple Scripts cal_dir Parameter Remote File Inclusion

The remote web server appears to be hosting myPHPCalender. The installed version contains a vulnerability that could allow an attacker to make the remote host include php files hosted on a third party server. An attacker may use this flaw to inject arbitrary code in the remote host and gain a...

PayPal Store Front index.php page Parameter Remote File Inclusion (deprecated)

It is possible to make the remote host include PHP files hosted on a third-party server using the PayPal Store Front CGI suite which is installed. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web server. The plugin was...

Microsoft IIS ODBC Tool getdrvrs.exe DSN Creation

ODBC tools are present on the remote host. ODBC tools could allow a malicious user to hijack and redirect ODBC traffic, obtain SQL user names and passwords or write files to the local drive of a vulnerable server. Example:...

Microsoft SQL Server < 7 Local Privilege Escalation

Based on its version number, the remote host may be vulnerable to a local exploit wherein an authenticated user can obtain and crack SQL usernames and passwords from the registry. An attacker may use this flaw to elevate their privileges on the local database. *** This alert might be a false...

RemoteNC Backdoor Detection

This host appears to be running RemoteNC on this port RemoteNC is a Backdoor which allows an intruder gain remote control of your computer. An attacker may use it to steal your...

FsSniffer Backdoor Detection

This host appears to be running FsSniffer on this port. FsSniffer is backdoor which allows an intruder to steal PoP3/FTP and other passwords you use on your system. An attacker may use it to steal your...

[ESA-20030924-026] &#39;WebTool-userpass&#39; passphrase disclosure vulnerability.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------+ | Guardian Digital Security Advisory September 24, 2003 | | http://www.guardiandigital.com ESA-20030924-026 |...

[ESA-20030916-023] OpenSSH buffer management error.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------+ | Guardian Digital Security Advisory September 16, 2003 | | http://www.guardiandigital.com ESA-20030916-023 |...

OpenSSH contains buffer management errors

Overview Versions of the OpenSSH server prior to 3.7.1 contain buffer management errors. While the full impact of these vulnerabilities are unclear, they may lead to memory corruption and a denial-of-service situation. Description Versions of OpenSSH prior to 3.7.1 contain errors in the general...

myPHPNuke My_eGallery gallery/displayCategory.php basepath Parameter Remote File Inclusion

The remote web server appears to be running myPHPNuke. The installed version is affected by a remote file include vulnerability in the 'gallery/displayCategory.php' script. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web...

Microsoft Security Bulletin MS03-039: Buffer Overrun In RPCSS Service Could Allow Code Execution&#40;824146&#41;

-----BEGIN PGP SIGNED MESSAGE----- Title: Buffer Overrun In RPCSS Service Could Allow Code Execution (824146) Date: September 10, 2003 Software: Microsoft Windows NT Workstation 4.0 Microsoft Windows NT Server(r) 4.0 Microsoft Windows NT Server 4.0,...

Microsoft Windows RPCSS Service contains heap overflow in DCOM activation routines

Overview There is a remote buffer overflow in many versions of Microsoft Windows that allows attackers to execute arbitrary code with system privileges. Description The Microsoft RPCSS Service is responsible for managing Remote Procedure Call (RPC) messages and is enabled by default on many...

Microsoft Windows RPCSS Service contains heap overflow in DCOM request filename handling

Overview There is a remote buffer overflow in many versions of Microsoft Windows that allows attackers to execute arbitrary code with system privileges. Description The Microsoft RPCSS Service is responsible for managing Remote Procedure Call (RPC) messages and is enabled by default on many...

Postfix vulnerable to DoS by supplying a remote SMTP listener with a malformed envelope address

Overview A denial-of-service vulnerability exists in all versions of Postfix prior to 2.0. This vulnerability may allow a remote attacker to cause mail service interruption. Description Postfix is a very popular mail transfer agent (MTA). Michal Zalewski has discovered a denial-of-service...

MS Blaster Worm (msblast.exe) Infection Detection

The remote host seems to be infected by the MS Blaster worm, or the Nachi worm, which may make this host attack random hosts on the...

Linux 2.4 NFSv3 knfsd Malformed GETATTR Request Remote DoS

The remote host is running knfsd, a kernel NFS daemon. There is a vulnerability in this version that may allow an attacker to cause a kernel panic on the remote host by sending a malformed GETATTR request with an invalid length...

ashNews 0.83 Multiple Vulnerabilities

It is possible to make the remote host include php files hosted on a third-party server using Ashnews. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web server. In addition, the application reportedly fails to sanitize the...

Forum51/Board51/News51 Users Disclosure

The remote web server is running a bulletin board application (Forum51, Board51, or News51) with an information disclosure vulnerability. It is possible to retrieve usernames and password hashes by requesting '/data/user.idx'. A remote attacker could use this information to mount further...

AtomicBoard Multiple Remote Vulnerabilities (Traversal, Path Disc)

The remote host is running AtomicBoard, a weblog and message board system written in PHP. A directory traversal vulnerability exists in the 'location' parameter of the 'index.php' file. An attacker could exploit this in order to read arbitrary files subject to the privileges of the web server...

List of Security Fixes in Windows 2000 Service Pack 4

List of Security Fixes in Windows 2000 Service Pack 4 The information in this article applies to: Microsoft Windows 2000 Advanced Server SP4 Microsoft Windows 2000 Professional SP4 Microsoft Windows 2000 Server SP4 SUMMARY This article describes the following security-related bugs and update...

Carello E-Commerce Carello.dll Command Execution

The remote host appears to be running Carello.dll, a web-based shopping cart. Versions up to 1.3 of this web shopping cart have a command execution vulnerability. This could allow a remote attacker to run arbitrary commands on the system with the privileges of the web server. *** Note that no...

Alt-N WebAdmin Multiple Vulnerabilities

webadmin.dll was found on the web server. Old versions of this CGI suffered from numerous problems: - installation path disclosure - directory traversal, allowing anybody with administrative permission on WebAdmin to read any file - buffer overflow, allowing anybody to run arbitrary code on the...

MyServer <= 0.4.2 Multiple Remote DoS

The remote host is running MyServer 0.4.2 or older. There are flaws in this software that could allow an attacker to disable this service...

pMachine <= 2.2.1 Multiple Vulnerabilities

The remote host is running a version of pMachine that is affected by two flaws : It is vulnerable to multiple path disclosure problems that could allow an attacker to gain more knowledge about this host. It is vulnerable to a cross-site-scripting attack that could allow an attacker...

Proxomitron GET Request Overflow Remote DoS

The remote host is running the Proxomitron proxy. There might be a bug in this software which may allow an attacker to disable it remotely. *** Nessus did not check for the presence of the flaw, so this might *** be a false...

Various UNIX and Linux PDF readers/viewers execute commands embedded within hyperlinks

Overview A vulnerability in various UNIX and Linux PDF viewers/readers may allow remote attackers to execute arbitrary commands on your system. Description Adobe Systems Incorporated describes PDF (Portable Document Format) as "a universal file format that preserves the fonts, images, graphics,...

CuteFTP < 5.0.2.0 Multiple Vulnerabilities

CuteFTP, an FTP client, is installed on the remote Windows host. The version of CuteFTP on the remote host reportedly is affected by a buffer overflow that may be exploited by an attacker to execute arbitrary commands, subject to the privileges of the current user. To exploit this issue, an...

LedNews News Post XSS

The remote web server is running LedNews, a set of scripts designed to help maintain a news-based website. There is a flaw in some versions of LedNews that could allow an attacker to include rogue HTML code in the news, which may in turn be used to steal the cookies of people visiting this site,...

Infinity CGI Exploit Scanner Multiple Vulnerabilities

The remote is running Infinity Exploit Scanner, a web-based CGI vulnerability scanner implemented in perl and stored under the name 'nph-exploitscanget.cgi'. There is a flaw in this CGI that lets an attacker execute arbitrary commands on this host. In addition to this, there is a flaw in this CGI.....

pMachine lib.inc.php pm_path Parameter Remote File Inclusion

It is possible to make the remote host include PHP files hosted on a third-party server using the pmachine CGI suite which is installed. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web...

mnoGoSearch search.cgi Multiple Parameter Remote Overflows

The mnoGoSearch search.cgi CGI is installed on the remote web server. Older versions of this software have multiple buffer overflow vulnerabilities. A remote attacker could exploit these issues to execute arbitrary code. Note that Nessus only detected the presence of this CGI, and did not...

gnocatan Multiple Buffer Overflows

The remote host is running gnocatan, an online game server. There is a flaw in this version which may allow an attacker to execute arbitrary commands on this host, with the privileges this service is running with. An attacker may exploit this flaw to gain a shell on this...

SmartFTP Multiple Command Response Overflow

The remote host is running SmartFTP - an FTP client. There is a flaw in the remote version of this software that could allow an attacker to execute arbitrary code on this host. To exploit it, an attacker would need to set up a rogue FTP server and have a user on this host connect to...

FlashFXP < 2.1b923 Multiple Remote Overflows

FlashFXP, an FTP client, is installed on the remote host. This version is vulnerable to a stack-based buffer overflow attack when receiving a long response to the PASV command, or when processing a long host...

FTP Voyager LIST Command File List Handling Remote Overflow

The remote host is running FTP Voyager - an FTP client. The version installed is earlier than 10.0.0.1. Such versions are reportedly affected by a buffer overflow vulnerability. An attacker could exploit this flaw in order to execute arbitrary code on this host. To exploit it, an attacker would...

zenTrack index.php configFile Parameter Traversal Arbitrary Files Access

It is possible to make the remote web server show the content of arbitrary files by making requests like :...

[NEWS] XSS Vulnerability in Synkron.web CMS

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion Latest attack techniques. You're a pen tester, but is google.com still your R&D team? Now you can get trustworthy commercial-grade exploits...

LeapFTP < 2.7.4.x PASV Reply Remote Overflow

The remote host is running LeapFTP - an FTP client. There is a flaw in the remote version of this software that could allow an attacker to execute arbitrary code on this host. To exploit it, an attacker would need to set up a rogue FTP server and have a user on this host connect to...

Spyke Multiple Remote Vulnerabilities

The remote host is using Spyke - a web board written in PHP. This board stores vital information in the file info.dat, which can be downloaded by anyone. This file contains the name of the administrator of the website, as well as its password. Another flaw lets an attacker download information...

zenTrack index.php Multiple Parameter Remote File Inclusion

It is possible to make the remote host include php files hosted on a third-party server using the version of zenTrack installed on the remote host. An attacker may use this flaw to inject arbitrary code and to gain a shell with the privileges of the web server on the affected...

URLScan for IIS Detection

The remote web server is using URLScan to protect itself, which is a good thing. However since it is possible to determine that URLScan is installed, an attacker may safely assume that the remote web server is Internet Information...

WF-Chat User Account Disclosure

The WF-Chat allows an attacker to view information about registered users by requesting the files '!nicks.txt' and...