The remote host is running MediaWiki, an open source wiki application written in...
7AI Score
Microsoft Security Bulletin MS05-019 Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066) Issued: April 12, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum...
0.7AI Score
0.965EPSS
Authenticated Check : OS Name and Installed Package Enumeration
This plugin logs into the remote host using SSH, RSH, RLOGIN, Telnet, or local commands and extracts the list of installed packages. If using SSH, the scan should be configured with a valid SSH public key and possibly an SSH passphrase (if the SSH public key is protected by a...
AI Score
[Full-Disclosure] Heap Overflow in Oracle 9iAS / 10g Application Server Web Cache
InAccess Networks www.inaccessnetworks.com Security Advisory Advisory Name: Heap Overflow in Oracle 9iAS / 10g Application Server Web Cache Release Date: 8 April 2004 Application: Oracle Web Cache - all versions except 9.0.4.0.0...
0.1AI Score
0.14EPSS
Cisco Security Advisory: A default Username and Password in WLSE and HSE devices
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is a re-release of the Advisory. In the previous Advisory release, it was incorrectly stated that the fix for this vulnerability is a configuration change. That has now been corrected. We apologize for any inconvenience, Cisco PSIRT Cisco...
-0.4AI Score
wu-ftpd fb_realpath() off-by-one bug
Synopsis: wu-ftpd fb_realpath() off-by-one bug Product: wu-ftpd Version: 2.5.0 <= 2.6.2 Vendor: http://www.wuftpd.org/ URL: http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0466...
0.1AI Score
0.795EPSS
Horde test.php Direct Reqest Information Disclosure
The remote server is running Horde or a related project along with one or more test scripts. These scripts may leak server-side information that is valuable to an...
-0.2AI Score
Positive Technologies SA2003-0310: DoS-attack in VisNetic ActiveDefense
Positive Technologies Security Advisory http://www.ptsecurity.com Title: DoS-attack in VisNetic ActiveDefense Date: March, 10 2003 Severity: High Application: VisNetic ActiveDefense 1.3.1 and early Platform: Windows 95/98/ME/NT/2000/XP Vendor Status: Notified,...
0.5AI Score
Positive Technologies Security Advisory 2003-0307: DoS-attack in Kerio WinRoute Firewall
Positive Technologies Security Advisory http://www.ptsecurity.com Title: DoS-attack in Kerio WinRoute Firewall Date: March, 07 2003 Severity: High Application: Kerio WinRoute Firewall 5.0.1 Platform: Windows 95/98/ME/NT/2000/XP Vendor Status: Notified, patched in...
0.5AI Score
middleman-1.2 and prior off-by-one bug
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 QITEST1 SECURITY ADVISORY #006 middleman-1.2 and prior off-by-one bug PROGRAM DESCRIPTION Middleman is a powerful proxy server with many features designed to make browsing the Internet a more pleasant experience. It can do much more than just...
-0.6AI Score
TracerouteNG - never ending story
Hi everyone, I want to provide some additional information about the recently discovered traceroute-ng flaw. I decided to disclose to details right now because I do not believe that the flaw is easily exploitable. 1) The vulnerablilty. The patch provided by vendors like SuSE is not sufficient....
-0.8AI Score
Multiple compilers "erased" memory reading
Multiple secure programs use something like memset(buf, 0, len) to erase keys, passwords, etc from memory. The problem is this code can be eliminated by compiler during optimization...
2.9AI Score
Multiple vendors' firewalls do not adequately keep state of FTP traffic
Overview Firewalls and other systems that inspect FTP application layer traffic may not adequately maintain the state of FTP commands and responses. As a result, an attacker could establish arbitrary TCP connections to FTP servers or clients located behind a vulnerable firewall. Description Many...
0.2AI Score
RUS-CERT Advisory 2002-08:01: Incorrect integer overflow detection in C code
Incorrect integer overflow detection in C code A widely used method of detecting integer overflows results in undefined behavior according to the C standard. Who Should Read This Document This advisory deals with with details of the C programming language. It is targeted at C programmers....
-0.2AI Score
0.753EPSS
SNMP Request Cisco Router Information Disclosure
It is possible to determine the model of the remote CISCO system by sending SNMP requests with the OID 1.3.6.1.4.1.9.1. An attacker may use this information to gain more knowledge about the remote...
7.1AI Score
Cisco Security Advisory: Vulnerable SSL implementation in iCDN
-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: Vulnerable SSL implementation in iCDN Revision 1.0 For public release 2001 September 12 08:00 (GMT -0800) Summary A security vulnerability has been discovered in version 3.x of the RSA BSAFE SSL-J Software Developer Kit made by...
AI Score
The management interface used with the Interscan VirusWall uses several cgi programs that may allow a malicious user to remotely change the configuration of the server without any authorization using maliciously constructed...
6.4AI Score
0.006EPSS
OmniHTTPd Encoded Space Request Script Source Disclosure
OmniHTTPd is affected by a vulnerability that permits malicious users to get the full source code of scripting files. By appending an ASCII/Unicode space char '%20' to a script's suffix, the web server will no longer interpret it and instead send it back as a simple document in the same manner as.....
6.2AI Score
0.016EPSS
7.4AI Score
0.3AI Score
A fragmentation attack against IP Filter
I did not want to release this on a Friday afternoon. Happy experimenting -Thomas ---- cut here ---- *** A fragmentation attack against IP Filter *** April 6th, 2001 Thomas Lopatic <[email protected]> The research for this advisory was...
-0.4AI Score
Exploiting Kernel Buffer Overflows FreeBSD Style
-----BEGIN PGP SIGNED MESSAGE----- Exploiting Kernel Buffer Overflows FreeBSD Style: Defeating Security Levels and Breaking Out of Jail(2) Esa Etelavuori December 28, 2000 Introduction This is a detailed case study...
-0.3AI Score
7.4AI Score
EPSS
local exploit for linux's Koules1.4 package
/* Coolz.cpp - yep a C Plus Plus exploit, I like that Strings STL :) This problem has been known since April this year, but I have not seen any exploit so far. First of all I wasn't planning to go and release another ordinary stack smash, but I found the setuid game on some wargame/hackme...
-0.2AI Score
Jan Hubicka Koules 1.4 - Svgalib Local Buffer Overflow
Jan Hubicka Koules 1.4 - Svgalib Local Buffer...
0.5AI Score
Predictability Problems in IRIX Cron and Compilers
Crimelabs, Inc. www.crimelabs.com Security Note Crimelabs Security Note CLABS200004 Title: Poor Tempfile Use in IRIX: Compilers and Cron Date: 21 June, 2000 Application: MIPSPro Compilers (7.1, 7.2.1 tested),...
-0.8AI Score
NetBSD Security Advisory 2000-002
NetBSD Security Advisory 2000-002 ================================= Topic: IP options processing Denial of Service Version: NetBSD 1.4.2 and prior; NetBSD-current until 20000507. Severity: Network-connected systems can be crashed remotely. Abstract Receipt of IP...
-0.2AI Score
This plugin attempts to determine the type and the version of the remote web...
0.4AI Score
-0.3AI Score
-0.5AI Score
7.4AI Score
EPSS
7.4AI Score
EPSS
ISC BIND (Multiple OSes) - Remote Buffer Overflow (2)
ISC BIND (Multiple OSes) - Remote Buffer Overflow...
0.5AI Score
ISC BIND (LinuxBSD) - Remote Buffer Overflow (1)
ISC BIND (LinuxBSD) - Remote Buffer Overflow...
1.2AI Score
Category for System Center Online Client
System Center Online Client is the client software for Microsoft Asset Inventory Service (AIS). Updates offered in this category will apply only to computers running the System Center Online Client software and will contain updates including security updates. AIS is an online service that...
1.4AI Score