Microsoft Windows DNS Server WPAD Access Validation Vulnerability

Description The Microsoft Windows DNS Server is prone to an access-validation vulnerability because the software fails to properly restrict access when defining WPAD Web Proxy Autodiscovery Protocol entries. An authenticated attacker may exploit this issue to create a WPAD DNS entry. This may aid...

Microsoft Windows DNS Server Incorrect Caching DNS Spoofing Vulnerability

Description The Microsoft Windows DNS Server is prone to a DNS-spoofing vulnerability because the software fails to cache responses to specially crafted DNS queries. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to...

Fedora Update for snort FEDORA-2008-4986

Check for the Version of snort OpenVAS Vulnerability Test Fedora Update for snort FEDORA-2008-4986 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Fedora Update for snort FEDORA-2008-5001

Check for the Version of snort OpenVAS Vulnerability Test Fedora Update for snort FEDORA-2008-5001 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

pro2col-xss.txt

Pro2col StingRay FTS login username cross site scripting scip AG Vulnerability ID 3809 09/12/2008 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3809 I. INTRODUCTION StingRay FTS is a file transfer server for Internet communications. Customers are able to transfer files or to send emails via the...

Microsoft Windows PGM Invalid Length Remote Denial Of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability because it fails to adequately handle specially crafted PGM Pragmatic General Multicast network traffic. Attackers can exploit this issue to cause an affected computer to stop responding until it is manually...

Debian: Security Advisory (DSA-297)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[REVS] Having Fun with Sensor Appliance Proventia GX5108 and GX5008 Insecurities (Part One)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

ePortfolio version 1.0 Java Multiple Input Validation Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ePortfolio version 1.0 Java Multiple Input Validation Vulnerabilities scip AG Vulnerability ID 2893 12/22/2006 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2893 I. INTRODUCTION ePortfolio is a e-banking application by TKS Banking Solutions. More...

CA eTrust Intrusion Detection System Key Exchange Remote DoS

The remote host is running CA eTrust Intrusion Detection System, a security solution with intrusion detection, antivirus, web filtering and session monitoring. The remote version of this software is affected by a denial of service vulnerability in the way it handles session keys. An attacker can...

Snort GRE报文解码整数溢出漏洞

Snort是广泛部署的开放源码网络入侵检测系统（IDS）。很多其他IDS产品中也使用了Snort及其组件。 Snort的decode.c文件中DecodeGRE函数在解码GRE协议时存在整数溢出漏洞，攻击者可能利用此漏洞获取某些敏感信息。 漏洞相关代码如下： ==BEGIN CODE== ... line 3459 decode.c void DecodeGREuint8t pkt, const uint32t len, Packet p uint8t flags; uint32t hlen; / GRE header length / uint32t payloadlen;...

[Full-disclosure] [scip_Advisory 2352] F5 FirePass 4100 prior 6.x multiple Cross Site Scripting

F5 FirePass 4100 prior 6.x multiple Cross Site Scripting scip AG Vulnerability ID 2352 07/04/2006 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2352 I. INTRODUCTION F5 FirePass is an appliance which allows a remote communication between SSL-VPN endpoints. This secure connectivity to corporate...

Super dove gray vip2005 detector detection principle of a simple analysis-vulnerability warning-the black bar safety net

The Preface of the new gray pigeons always give people everywhere the feeling, own it worked in the friend of the host met several times,each time can only be manually determined and clear. Looking at this detector for a little test. The effect is very good, it creates a want to know how she...

Snort Intrusion detection system DoS

Crash on parsing TCP options in verbose mode...

Kismet: Multiple vulnerabilities

Background Kismet is an 802.11 Layer 2 wireless network detector, sniffer, and intrusion detection system. Description Kismet is vulnerable to a heap overflow when handling pcap captures and to an integer underflow in the CDP protocol dissector. Impact With a specially crafted packet an attacker...

CVE-2004-2269

The CVE-2004-2269 entry concerns a stack-based buffer overflow in pads.c of Passive Asset Detection System (Pads). The vulnerability could allow local users to execute arbitrary code via a long report file name argument. Note that Pads is not normally installed setuid, which may affect exploitabi...

CA eTrust Intrusion Detection System Detection

The remote host is running the CA eTrust Intrusion Detection System service. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid18536; scriptversion"1.16"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/02/06"; scriptnameenglish:"CA eTrust Intrusion...

Intrusion.com SecureNet Provider Detection

The remote host appears to run the Intrusion.com SecureNet provider on this port. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid18533; scriptversion"1.11"; scriptsetattributeattribute:"pluginmodificationdate", value:"2020/06/12"; scriptnameenglish:"Intrusion.com...

Intrusion.com SecureNet Sensor Detection

The remote host appears to be an Intrusion.com SecureNet sensor on this port. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid18534; scriptversion"1.10"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"Intrusion.com SecureNet Sensor Detection";...

Enterasys Dragon Enterprise Reporting Detection

The reporting console for Dragon, a network intrusion detection system distributed by Enterasys, is running on this port. C Tenable Network Security, Inc. Changes by Tenable: - Changed family 8/31/09 - rewritten 2009-11-17 include"compat.inc"; ifdescription scriptid18532; scriptversion"2.9";...