9603 matches found
phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)
Exploit for unknown platform in category web applications ==================================================== phpBB / $ae= s//$1/; $uber=$1; $uber = s/ //g; $uber = s///g; $uber = s///g; $uber = s/wb...
CVE-2004-0216
Integer overflow in the Install Engine inseng.dll for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-bas...
CVE-2004-0216
CVE-2004-0216 is an Install Engine vulnerability in Internet Explorer (inseng.dll) affecting IE 5.01, 5.5, and 6. It enables remote code execution when a user opens a malicious website or HTML email containing a long CAB file name, triggering an integer/buffer length overflow in the Install Engin...
Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability
Overview The Active Setup Install Engine in Microsoft Internet Explorer contains a buffer overflow vulnerability. This may allow an attacker to take complete control of a vulnerable system. Description The Active Setup Install Engine inseng.dll permits cabinet files to be launched and executed...
CVE-2004-0907
The Linux install .tar.gz archives for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8, create certain files with insecure permissions, which could allow local users to overwrite those files and execute arbitrary code...
CVE-2004-0841
Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability."...
AIX 5.2 : IY50452
The remote host is missing AIX Critical Security Patch number IY50452 lqueryvg can fail for Bigvg. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...
AIX 5.2 : IY35509
The remote host is missing AIX Critical Security Patch number IY35509 SECURITY: perfvmmstat extension privilege errors. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...
Linux Software Detection Application Install (via Splunk): completed install or update
Binary data 710017.prm...
Windows Software Detection Application Install (via Splunk): code 7045
Binary data 710047.prm...
Windows Software Detection Application Install (via Splunk): code 1033
Binary data 710006.prm...
SUSE-SA:2003:037: pine
The remote host is missing the patch for the advisory SUSE-SA:2003:037 pine. The well known and widely used mail client pine is vulnerable to a buffer overflow. The vulnerability exists in the code processing 'message/external-body' type messages. It allows remote attackers to execute arbitrary...
SUSE-SA:2003:024: openssl
The remote host is missing the patch for the advisory SUSE-SA:2003:024 openssl. Researchers from the University of Stanford have discovered certain weaknesses in OpenSSL's RSA decryption algorithm. It allows remote attackers to compute the private RSA key of a server by observing its timing...
SUSE-SA:2002:048: cyrus-imapd
The remote host is missing the patch for the advisory SUSE-SA:2002:048 cyrus-imapd. The cyrus imapd contains a buffer overflow which could be exploited by remote attackers prior to logging in. Attackers could generate oversized error messages and overflow buffers inside imapd. Additionally to thi...
SuSE-SA:2004:013: cvs
The remote host is missing the patch for the advisory SuSE-SA:2004:013 cvs. The Concurrent Versions System CVS offers tools which allow developers to share and maintain large software projects. Stefan Esser reported buffer overflow conditions within the cvs program. They allow remote attackers to...
PostNuke 0.7x - Install Script Administrator Password Disclosure
PostNuke 0.7x - Install Script Administrator Password Disclosure source: https://www.securityfocus.com/bid/10793/info It is reported that PostNuke may disclose administrator authentication credentials to remote attackers. This issue presents itself because the application fails to remove the...
PostNuke 0.7x - Install Script Administrator Password Disclosure
source: https://www.securityfocus.com/bid/10793/info It is reported that PostNuke may disclose administrator authentication credentials to remote attackers. This issue presents itself because the application fails to remove the install script 'install.php' after installation. This can allow an...
Solaris 9 (sparc) : 116559-01
SunOS 5.9: powerd pmconfig patch. Date this patch was last updated by Sun : Jul/16/04 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 7 (x86) : 110071-01
SunOS 5.7x86: security: libcurses:setupterm has buffer overflow. Date this patch was last updated by Sun : Mar/09/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...
Solaris 2.5.1 (x86) : 111282-01
SunOS 5.5.1x86: finger doesn't always correctly match NULL userna. Date this patch was last updated by Sun : Jun/15/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...