6603 matches found
PHP Command, Double Reverse TCP Connection (via Perl)
Creates an interactive shell via perl This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Php include...
CVE-2006-6406
Clam AntiVirus ClamAV 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...
CVE-2006-5874
Clam AntiVirus ClamAV 0.88 and earlier allows remote attackers to cause a denial of service crash via a malformed base64-encoded MIME attachment that triggers a null pointer dereference...
CVE-2006-6406
Clam AntiVirus ClamAV 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...
DEBIAN-CVE-2006-6406
Clam AntiVirus ClamAV 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...
DEBIAN-CVE-2006-5874
Clam AntiVirus ClamAV 0.88 and earlier allows remote attackers to cause a denial of service crash via a malformed base64-encoded MIME attachment that triggers a null pointer dereference...
CVE-2006-6408
Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...
CVE-2006-6406
Clam AntiVirus ClamAV 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...
CVE-2006-6405
BitDefender Mail Protection for SMB 2.0 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...
CVE-2006-5874
The CVE-2006-5874 entry concerns ClamAV
CVE-2006-6407
F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...
CVE-2006-6408
Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...
CVE-2006-6405
BitDefender Mail Protection for SMB 2.0 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...
CVE-2006-6406
Clam AntiVirus ClamAV 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...
CVE-2006-6405
BitDefender Mail Protection for SMB 2.0 is affected by a vulnerability where remote attackers can bypass virus detection by inserting invalid characters into base64-encoded content within a multipart/mixed MIME file, as demonstrated with the EICAR test file. The issue is described in CVE-2006-640...
CVE-2006-6406
Clam AntiVirus ClamAV 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...
DSA-1232-1 clamav
Bulletin has no description...
Multiple Vendor Unusual MIME Encoding Content Filter Bypass
Several e-mail virus scanners can be tricked into passing an EICAR test file if the following conditions are met: 1. the EICAR file is encoded in Base64 including characters not in the standard alphabet e.g. whitespaces and 2. the part containing the EICAR file is nested within one or several...
VMware ESX多个信息泄露漏洞
VMWare ESX Server是一款虚拟主机的服务程序。 VMWare ESX Server存在多个安全问题,远程攻击者可以利用漏洞获得敏感信息。 VMWare ESX Server包含的管理接口是传统的WEB应用程序,使用的会话ID包含在两个COOKIE中(vmware.mui.kid和vmware.mui.sid),这会话ID格式包含BASE64编码的用户帐户和密码,如果攻击者可以通过其他机制访问COOKIE,就可以获得验证信息。 另外管理接口还提供更改密码的功能,通过HTML表单,用户需要输入和确定新的密码,如更改ROOT用户的密码为"test",就需要如下请求:...
MailEnable SMTP NTLM认证多个安全漏洞
MailEnable是一款商业性质的POP3和SMTP服务器。 MailEnable的NTLM认证过程中SMTP连接器存在3个预认证漏洞。 1. 在处理NTLM Type1消息的签名字段时存在缓冲区溢出,可能导致执行任意代码; 2. 在处理base64编码的NTLM Type1消息中安全缓冲区时存在越界读取,可能导致拒绝服务; 3. 在Type3消息的base64编码过程中存在越界读取,可能导致执行任意代码。 MailEnable MailEnable Professional 2.0 MailEnable MailEnable Enterprise 2.0...